ZyXEL Communications NWA3160 User Manual

NWA-3160 Series

IEEE 802.11a/b/g Business WLAN Access Point

IEEE 802.11b/g Business WLAN Access Point

IEEE WirelessN Business WLAN Access Point

User’s Guide

Version 3.60 07/2008 Edition 3

DEFAULT LOGIN

IP Address http://192.168.1.2

Password 1234

www.zyxel.com

About This User's Guide

Intended Audience

This manual is intended for people who want to configure the ZyXEL Device using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology.

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this User’s Guide.

1 Warnings tell you about things that could harm you or your device.

" Notes tell you other important information (for example, other things you may

need to configure or helpful tips) or recommendations.

Syntax Conventions

• The NWA-3160, NWA-3163 or NWA-3165 may be referred to as the “ZyXEL Device”, the “device” or the “system” in this User’s Guide.

• Product labels, screen names, field labels and field choices are all in bold font.

• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER] means the “enter” or “return” key on your keyboard.

• “Enter” means for you to type one or more characters and then press the [ENTER] key. “Select” or “choose” means for you to use one of the predefined choices.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Maintenance > Log > Log Setting means you first click Maintenance in the navigation panel, then the Log sub menu and finally the Log Setting tab to get to that screen.

• Units of measurement may denote the “metric” value or the “scientific” value. For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000” or “1048576” and so on.

• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.

ZyXEL NWA-3160 Series User’s Guide

Document Conventions

Icons Used in Figures

Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is not an exact representation of your device.

ZyXEL Device Computer Notebook computer

Server DSLAM Firewall

Telephone Switch Router

ZyXEL NWA-3160 Series User’s Guide

Safety Warnings

1 For your safety, be sure to read and follow all warning notices and instructions.

• Do NOT use this product near water, for example, in a wet basement or near a swimming pool.

• Do NOT expose your device to dampness, dust or corrosive liquids.

• Do NOT store things on the device.

• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning.

• Connect ONLY suitable accessories to the device.

• ONLY qualified service personnel should service or disassemble this device.

• Make sure to connect the cables to the correct ports.

• Place connecting cables carefully so that no one will step on them or stumble over them.

• Always disconnect all cables from this device before servicing or disassembling.

• Use ONLY an appropriate power adaptor or cord for your device.

• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in North America or 230V AC in Europe).

• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord.

• Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution.

• If the power adaptor or cord is damaged, remove it from the power outlet.

• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a new one.

• Do not use the device outside, and make sure all the connections are indoors. There is a remote risk of electric shock from lightning.

• Antenna Warning! This device meets ETSI and FCC certification requirements when using the included antenna(s). Only use the included antenna(s).

• If you wall mount your device, make sure that no electrical lines, gas or water pipes will be damaged.

• The PoE (Power over Ethernet) devices that supply or receive power and their connected Ethernet cables must all be completely indoors.

This product is recyclable. Dispose of it properly.

ZyXEL NWA-3160 Series User’s Guide

Safety Warnings

ZyXEL NWA-3160 Series User’s Guide

Safety Warnings

ZyXEL NWA-3160 Series User’s Guide

Contents Overview

Introduction ............................................................................................................................ 29

Introducing the ZyXEL Device ...................................................................................................31

Introducing the Web Configurator .............................................................................................. 41

Tutorial ....................................................................................................................................... 45

Status Screens .......................................................................................................................... 73

Management Mode .................................................................................................................... 77

AP Controller Mode (NWA-3160 Only) ...................................................................................... 81

The Web Configurator ...........................................................................................................95

System Screens ........................................................................................................................ 97

Wireless Configuration ............................................................................................................ 103

Wireless Security Configuration .............................................................................................. 121

MBSSID and SSID .................................................................................................................. 137

Other Wireless Configuration .................................................................................................. 145

IP Screen ................................................................................................................................. 155

Rogue AP ................................................................................................................................ 157

Remote Management Screens ................................................................................................ 163

Internal RADIUS Server .......................................................................................................... 175

Certificates ............................................................................................................................... 181

Log Screens ............................................................................................................................ 199

VLAN ....................................................................................................................................... 207

Maintenance ............................................................................................................................ 225

Troubleshooting and Specifications ..................................................................................233

Troubleshooting ....................................................................................................................... 235

Product Specifications ............................................................................................................. 241

Appendices and Index ......................................................................................................... 249

ZyXEL NWA-3160 Series User’s Guide

Contents Overview

ZyXEL NWA-3160 Series User’s Guide

Table of Contents

About This User's Guide ..........................................................................................................3

Document Conventions............................................................................................................4

Safety Warnings........................................................................................................................6

Contents Overview ...................................................................................................................9

Table of Contents.................................................................................................................... 11

List of Figures ......................................................................................................................... 19

List of Tables...........................................................................................................................25

Part I: Introduction................................................................................. 29

Chapter 1

Introducing the ZyXEL Device...............................................................................................31

1.1 Introducing the ZyXEL Device ............................................................................................ 31

1.2 Applications for the ZyXEL Device ...................................................................................... 31

1.2.1 Access Point .............................................................................................................. 32

1.2.2 Bridge / Repeater (NWA-3160 and NWA-3163 Only) ................................................ 32

1.2.3 AP + Bridge (NWA-3160 and NWA-3163 Only) ......................................................... 33

1.2.4 MBSSID ..................................................................................................................... 34

1.2.5 Pre-Configured SSID Profiles .................................................................................... 35

1.3 CAPWAP (NWA-3160 and NWA-3163 Only) ...................................................................... 36

1.4 Ways to Manage the ZyXEL Device .................................................................................... 36

1.5 Good Habits for Managing the ZyXEL Device ..................................................................... 36

1.6 Hardware Connections ........................................................................................................ 37

1.6.1 Antennas .................................................................................................................... 37

1.7 LEDs .................................................................................................................................... 37

Chapter 2

Introducing the Web Configurator ........................................................................................ 41

2.1 Accessing the Web Configurator ......................................................................................... 41

2.2 Resetting the ZyXEL Device ................................................................................................ 43

2.2.1 Methods of Restoring Factory-Defaults ...................................................................... 43

2.3 Navigating the Web Configurator ......................................................................................... 44

ZyXEL NWA-3160 Series User’s Guide

Table of Contents

Chapter 3

Tutorial ..................................................................................................................................... 45

3.1 How to Configure the Wireless LAN .................................................................................... 45

3.1.1 Choosing the Wireless Mode ..................................................................................... 45

3.1.2 Wireless LAN Configuration Overview ....................................................................... 46

3.1.3 Further Reading ......................................................................................................... 48

3.2 How to Configure Multiple Wireless Networks ..................................................................... 48

3.2.1 Change the Operating Mode ...................................................................................... 49

3.2.2 Configure the VoIP Network ....................................................................................... 51

3.2.2.1 Set Up Security for the VoIP Profile ................................................52

3.2.2.2 Activate the VoIP Profile ..................................................................54

3.2.3 Configure the Guest Network ..................................................................................... 54

3.2.3.1 Set Up Security for the Guest Profile ..............................................55

3.2.3.2 Set up Layer 2 Isolation ..................................................................56

3.2.3.3 Activate the Guest Profile ................................................................57

3.2.4 Testing the Wireless Networks ................................................................................... 57

3.3 How to Set Up and Use Rogue AP Detection ..................................................................... 58

3.3.1 Set Up and Save a Friendly AP list ............................................................................ 60

3.3.2 Activate Periodic Rogue AP Detection ....................................................................... 62

3.3.3 Set Up E-mail Logs .................................................................................................... 63

3.3.4 Configure Your Other Access Points .......................................................................... 64

3.3.5 Test the Setup ............................................................................................................ 64

3.4 Using Multiple MAC Filters and L-2 Isolation Profiles .......................................................... 65

3.4.1 Scenario ..................................................................................................................... 65

3.4.2 Your Requirements ..................................................................................................... 65

3.4.3 Setup .......................................................................................................................... 66

3.4.4 Configure the SERVER_1 Network ............................................................................ 66

3.4.5 Configure the SERVER_2 Network ............................................................................ 69

3.4.6 Checking your Settings and Testing the Configuration .............................................. 70

3.4.6.1 Checking Settings ...........................................................................70

3.4.6.2 Testing the Configuration ................................................................70

Chapter 4

Status Screens........................................................................................................................ 73

4.1 The Status Screen ............................................................................................................... 73

Chapter 5

Management Mode.................................................................................................................. 77

5.1 About CAPWAP ................................................................................................................... 77

5.1.1 CAPWAP Discovery and Management ...................................................................... 77

5.1.2 CAPWAP and DHCP .................................................................................................. 78

5.1.3 CAPWAP and IP Subnets .......................................................................................... 78

5.1.4 Notes on CAPWAP .................................................................................................... 79

ZyXEL NWA-3160 Series User’s Guide

Table of Contents

5.2 The Management Mode Screen .......................................................................................... 79

Chapter 6

AP Controller Mode (NWA-3160 Only) ..................................................................................81

6.1 Status Screen ...................................................................................................................... 81

6.1.1 The AP List Status Screen ......................................................................................... 82

6.1.2 The AP Statistics Screen ............................................................................................ 83

6.1.3 The AP Association List Screen ................................................................................. 84

6.1.4 The SSID Information Screen .................................................................................... 84

6.2 Navigation Bar ..................................................................................................................... 85

6.3 The Controller Screens ........................................................................................................ 86

6.3.1 The AP Lists Screen .................................................................................................. 86

6.3.2 The AP Lists Edit Screen ........................................................................................... 88

6.3.3 The Configuration Screen .......................................................................................... 89

6.4 The Profile Edit Screens ...................................................................................................... 90

6.4.1 The Radio Profile Screen ........................................................................................... 90

6.5 The Radio Profile Edit Screen ............................................................................................. 91

Part II: The Web Configurator ............................................................... 95

Chapter 7

System Screens ...................................................................................................................... 97

7.1 System Overview ................................................................................................................. 97

7.2 Configuring General Setup ..................................................................................................97

7.3 Administrator Authentication on RADIUS ............................................................................ 98

7.3.1 Configuring the Password .......................................................................................... 98

7.4 Configuring Time Setting ..................................................................................................100

7.5 Pre-defined NTP Time Servers List ................................................................................... 102

Chapter 8

Wireless Configuration.........................................................................................................103

8.1 Wireless LAN Overview ..................................................................................................... 103

8.1.1 BSS .......................................................................................................................... 103

8.1.2 ESS .......................................................................................................................... 104

8.2 Wireless LAN Basics ......................................................................................................... 104

8.3 Quality of Service .............................................................................................................. 105

8.3.1 WMM QoS ................................................................................................................ 105

8.3.1.1 WMM QoS Priorities ......................................................................105

8.3.2 ATC .......................................................................................................................... 105

8.3.3 ATC+WMM ............................................................................................................... 106

8.3.3.1 ATC+WMM from LAN to WLAN ....................................................106

ZyXEL NWA-3160 Series User’s Guide

Table of Contents

8.3.4 Type Of Service (ToS) .............................................................................................. 107

8.3.5 ToS (Type of Service) and WMM QoS ..................................................................... 108

8.4 Spanning Tree Protocol (STP) ........................................................................................... 108

8.4.1 Rapid STP ................................................................................................................108

8.4.2 STP Terminology ...................................................................................................... 109

8.4.3 How STP Works ....................................................................................................... 109

8.4.4 STP Port States .........................................................................................................110

8.5 DFS ....................................................................................................................................110

8.6 Wireless Screen Overview .................................................................................................110

8.7 Configuring Wireless Settings ............................................................................................ 111

8.7.1 Access Point Mode: NWA-3160 and NWA-3163 ......................................................111

8.7.2 Access Point Mode: NWA-3165 ................................................................................114

8.7.3 Bridge/Repeater Mode (NWA-3160 and NWA-3163 Only) .......................................116

8.7.4 AP+Bridge Mode (NWA-3160 and NWA-3163 Only) ............................................... 120

8.7.5 MBSSID Mode ......................................................................................................... 120

8.3.3.2 ATC+WMM from WLAN to LAN ....................................................107

8.3.4.1 DiffServ ..........................................................................................107

8.3.4.2 DSCP and Per-Hop Behavior ........................................................107

Chapter 9

Wireless Security Configuration ......................................................................................... 121

9.1 Wireless Security Overview ............................................................................................... 121

9.1.1 Encryption ................................................................................................................ 121

9.1.2 Restricted Access .................................................................................................... 121

9.1.3 Hide Identity ............................................................................................................. 121

9.1.4 WEP Encryption ....................................................................................................... 121

9.2 802.1x Overview ................................................................................................................ 122

9.3 EAP Authentication Overview ............................................................................................ 122

9.4 Introduction to WPA ........................................................................................................... 122

9.4.1 User Authentication ................................................................................................. 123

9.4.2 Encryption ............................................................................................................... 123

9.4.3 WPA(2)-PSK Application Example ........................................................................... 123

9.5 WPA(2) with External RADIUS Application Example ......................................................... 124

9.6 Security Modes .................................................................................................................. 125

9.7 Wireless Client WPA Supplicants ...................................................................................... 126

9.8 Wireless Security Effectiveness ......................................................................................... 126

9.9 Configuring Security .......................................................................................................... 126

9.9.1 Security: WEP .......................................................................................................... 127

9.9.2 Security: 802.1x Only ............................................................................................... 128

9.9.3 Security: 802.1x Static 64-bit, 802.1x Static 128-bit ................................................. 129

9.9.4 Security: WPA .......................................................................................................... 131

9.9.5 Security: WPA2 or WPA2-MIX .................................................................................. 131

9.9.6 Security: WPA-PSK, WPA2-PSK, WPA2-PSK-MIX .................................................. 133

ZyXEL NWA-3160 Series User’s Guide

Table of Contents

9.10 Introduction to RADIUS ................................................................................................... 134

9.11 Configuring RADIUS ........................................................................................................134

Chapter 10

MBSSID and SSID .................................................................................................................137

10.1 Wireless LAN Infrastructures ........................................................................................... 137

10.1.1 MBSSID ................................................................................................................. 137

10.1.2 Notes on Multiple BSS ........................................................................................... 137

10.1.3 Multiple BSS Example ............................................................................................ 137

10.1.4 Multiple BSS with VLAN Example .......................................................................... 137

10.1.5 Configuring Multiple BSSs ..................................................................................... 138

10.2 SSID ................................................................................................................................ 140

10.2.1 The SSID Screen ................................................................................................... 140

10.2.2 Configuring SSID ................................................................................................... 141

Chapter 11

Other Wireless Configuration..............................................................................................145

11.1 Layer-2 Isolation Introduction ........................................................................................... 145

11.2 The Layer-2 Isolation Screen ........................................................................................... 146

11.3 Configuring Layer-2 Isolation ........................................................................................... 147

11.3.1 Layer-2 Isolation Examples .................................................................................... 148

11.3.1.1 Layer-2 Isolation Example 1 ........................................................149

11.3.1.2 Layer-2 Isolation Example 2 ........................................................149

11.4 The MAC Filter Screen .................................................................................................... 150

11.4.1 Configuring MAC Filtering ...................................................................................... 151

11.5 Configuring Roaming .......................................................................................................152

11.5.1 Requirements for Roaming .................................................................................... 153

Chapter 12

IP Screen................................................................................................................................ 155

12.1 Factory Ethernet Defaults ................................................................................................ 155

12.2 TCP/IP Parameters .........................................................................................................155

12.2.1 WAN IP Address Assignment ................................................................................. 155

12.3 Configuring IP Settings .................................................................................................... 156

Chapter 13

Rogue AP...............................................................................................................................157

13.1 Rogue AP Introduction .................................................................................................... 157

13.2 Rogue AP Examples ....................................................................................................... 157

13.2.1 “Honeypot” Attack .................................................................................................. 158

13.3 Configuring Rogue AP Detection (NWA-3160 and NWA-3163 Only) .............................. 159

13.3.1 Rogue AP: Configuration ....................................................................................... 160

13.3.2 Rogue AP: Friendly AP .......................................................................................... 160

ZyXEL NWA-3160 Series User’s Guide

Table of Contents

13.3.3 Rogue AP List ........................................................................................................ 161

Chapter 14

Remote Management Screens............................................................................................. 163

14.1 Remote Management Overview ...................................................................................... 163

14.1.1 Remote Management Limitations .......................................................................... 163

14.1.2 System Timeout .................................................................................................... 163

14.2 Configuring Telnet ............................................................................................................ 164

14.3 Configuring FTP .............................................................................................................. 165

14.4 Configuring WWW ...........................................................................................................166

14.5 SNMP .............................................................................................................................. 167

14.5.1 Supported MIBs ..................................................................................................... 168

14.5.2 SNMP Traps ........................................................................................................... 169

14.6 SNMP Trap Interface Index ............................................................................................. 169

14.6.1 SNMP v3 and Security ........................................................................................... 170

14.6.2 Configuring SNMP ................................................................................................. 170

14.6.2.1 The SNMPv3 User Profile Screen (NWA-3165 Only) .................172

Chapter 15

Internal RADIUS Server........................................................................................................175

15.1 Internal RADIUS Overview .............................................................................................. 175

15.2 Internal RADIUS Server Setting ...................................................................................... 175

15.3 Trusted AP Overview .......................................................................................................177

15.4 Configuring Trusted AP ................................................................................................... 178

15.5 Configuring Trusted Users ............................................................................................... 179

Chapter 16

Certificates ............................................................................................................................181

16.1 Certificates Overview ....................................................................................................... 181

16.1.1 Advantages of Certificates ..................................................................................... 182

16.2 Self-signed Certificates .................................................................................................... 182

16.3 Verifying a Certificate ....................................................................................................... 182

16.3.1 Checking the Fingerprint of a Certificate on Your Computer .................................. 182

16.4 Configuration Summary ................................................................................................... 183

16.5 My Certificates ................................................................................................................. 183

16.6 Certificate File Formats .................................................................................................... 185

16.7 Importing a Certificate ..................................................................................................... 186

16.8 Creating a Certificate ....................................................................................................... 187

16.9 My Certificate Details ....................................................................................................... 189

16.10 Trusted CAs ................................................................................................................... 192

16.11 Importing a Trusted CA’s Certificate .............................................................................. 193

16.12 Trusted CA Certificate Details ....................................................................................... 194

ZyXEL NWA-3160 Series User’s Guide

Table of Contents

Chapter 17

Log Screens ..........................................................................................................................199

17.1 Configuring View Log ....................................................................................................... 199

17.2 Configuring Log Settings ................................................................................................. 200

17.3 Example Log Messages .................................................................................................. 202

17.4 Log Commands ............................................................................................................... 204

17.4.1 Configuring What You Want the ZyXEL Device to Log .......................................... 204

17.4.2 Displaying Logs ...................................................................................................... 204

17.5 Log Command Example .................................................................................................. 205

Chapter 18

VLAN ...................................................................................................................................... 207

18.1 VLAN ............................................................................................................................... 207

18.1.1 Management VLAN ID ........................................................................................... 207

18.1.2 VLAN Tagging ........................................................................................................ 207

18.2 Configuring VLAN ............................................................................................................ 208

18.2.1 Wireless VLAN ....................................................................................................... 208

18.2.2 RADIUS VLAN ....................................................................................................... 210

18.2.3 Configuring Management VLAN Example ..............................................................211

18.2.4 Configuring Microsoft’s IAS Server Example ......................................................... 214

18.2.4.1 Configuring VLAN Groups ...........................................................214

18.2.4.2 Configuring Remote Access Policies ..........................................215

18.2.5 Second Rx VLAN ID Example ................................................................................ 222

18.2.5.1 Second Rx VLAN Setup Example ...............................................222

Chapter 19

Maintenance .......................................................................................................................... 225

19.1 Maintenance Overview .................................................................................................... 225

19.2 System Status Screen (NWA-3160 and NWA-3163 Only) ............................................... 225

19.2.1 System Statistics .................................................................................................... 226

19.3 Association List ................................................................................................................ 226

19.4 Channel Usage (NWA-3160 and NWA-3163 Only) ......................................................... 227

19.5 F/W Upload Screen .........................................................................................................228

19.6 Configuration Screen ....................................................................................................... 230

19.6.1 Backup Configuration ............................................................................................. 230

19.6.2 Restore Configuration ........................................................................................... 231

19.6.3 Back to Factory Defaults ........................................................................................ 232

19.7 Restart Screen ................................................................................................................. 232

Part III: Troubleshooting and Specifications ..................................... 233

ZyXEL NWA-3160 Series User’s Guide

Table of Contents

Chapter 20

Troubleshooting.................................................................................................................... 235

20.1 Power, Hardware Connections, and LEDs ...................................................................... 235

20.2 ZyXEL Device Access and Login .................................................................................... 236

20.3 Internet Access ................................................................................................................ 238

20.4 Wireless Router/AP Troubleshooting ............................................................................... 239

Chapter 21

Product Specifications.........................................................................................................241

Part IV: Appendices and Index ........................................................... 249

Appendix A Setting up Your Computer’s IP Address............................................................ 251

Appendix B Wireless LANs ..................................................................................................263

Appendix C Pop-up Windows, JavaScripts and Java Permissions ...................................... 277

Appendix D IP Addresses and Subnetting ........................................................................... 283

Appendix E Text File Based Auto Configuration................................................................... 291

Appendix F Legal Information ..............................................................................................299

Appendix G Customer Support ............................................................................................303

Index....................................................................................................................................... 309

ZyXEL NWA-3160 Series User’s Guide

List of Figures

Figure 1 Access Point Application .......................................................................................................... 32

Figure 2 Bridge Application .................................................................................................................... 33

Figure 3 Repeater Application ................................................................................................................ 33

Figure 4 AP+Bridge Application ............................................................................................................. 34

Figure 5 Multiple BSSs ........................................................................................................................... 35

Figure 6 Main Antenna ........................................................................................................................... 37

Figure 7 LEDs ......................................................................................................................................... 38

Figure 8 Enter the System Name ........................................................................................................... 41

Figure 9 Change Password Screen ........................................................................................................ 42

Figure 10 Replace Certificate Screen ..................................................................................................... 43

Figure 11 The Status Screen of the Web Configurator ........................................................................... 44

Figure 12 Configuring Wireless LAN ...................................................................................................... 47

Figure 13 Tutorial: Example MBSSID Setup .......................................................................................... 49

Figure 14 Tutorial: Wireless LAN: Before ............................................................................................... 50

Figure 15 Tutorial: Wireless LAN: Change Mode ................................................................................... 50

Figure 16 Tutorial: WIRELESS > SSID .................................................................................................. 51

Figure 17 Tutorial: VoIP SSID Profile Edit .............................................................................................. 52

Figure 18 Tutorial: VoIP Security ............................................................................................................ 53

Figure 19 Tutorial: VoIP Security Profile Edit .......................................................................................... 53

Figure 20 Tutorial: VoIP Security: Updated ............................................................................................ 54

Figure 21 Tutorial: Activate VoIP Profile ................................................................................................. 54

Figure 22 Tutorial: Guest Edit ................................................................................................................. 55

Figure 23 Tutorial: Guest Security Profile Edit ........................................................................................ 55

Figure 24 Tutorial: Guest Security: Updated .......................................................................................... 56

Figure 25 Tutorial: Layer 2 Isolation ....................................................................................................... 56

Figure 26 Tutorial: Layer 2 Isolation Profile ............................................................................................ 57

Figure 27 Tutorial: Activate Guest Profile ............................................................................................... 57

Figure 28 Tutorial: Wireless Network Example ....................................................................................... 59

Figure 29 Tutorial: Friendly AP (Before Data Entry) ............................................................................... 60

Figure 30 Tutorial: Friendly AP (After Data Entry) ................................................................................. 61

Figure 31 Tutorial: Configuration ............................................................................................................ 61

Figure 32 Tutorial: Warning .................................................................................................................... 62

Figure 33 Tutorial: Save Friendly AP list ................................................................................................ 62

Figure 34 Tutorial: Periodic Rogue AP Detection .................................................................................. 62

Figure 35 Tutorial: Log Settings .............................................................................................................. 63

Figure 36 Tutorial: Example Network ..................................................................................................... 65

Figure 37 Tutorial: SSID Profile .............................................................................................................. 67

Figure 38 Tutorial: SSID Edit .................................................................................................................. 68

ZyXEL NWA-3160 Series User’s Guide

List of Figures

Figure 39 Tutorial: Layer-2 Isolation Edit ................................................................................................ 68

Figure 40 Tutorial: MAC Filter Edit (SERVER_1) ................................................................................... 69

Figure 41 Tutorial: SSID Profiles Activated ............................................................................................ 70

Figure 42 Tutorial: SSID Tab Correct Settings ........................................................................................ 70

Figure 43 The Status Screen .................................................................................................................. 74

Figure 44 CAPWAP Network Example ................................................................................................... 77

Figure 45 CAPWAP and DHCP Option 43 ............................................................................................. 78

Figure 46 The Management Mode Screen ............................................................................................. 79

Figure 47 AP Controller: the Status Screen ............................................................................................ 81

Figure 48 AP List Status ......................................................................................................................... 82

Figure 49 AP Statistics ........................................................................................................................... 83

Figure 50 AP Association List ................................................................................................................. 84

Figure 51 SSID Information .................................................................................................................... 85

Figure 52 AP Controller: Links ................................................................................................................ 85

Figure 53 The Controller > AP Lists Screen ........................................................................................... 87

Figure 54 The Controller > AP Lists > Edit Screen ................................................................................. 88

Figure 55 The Controller > Configuration Screen ................................................................................... 89

Figure 56 The Profile Edit > Radio Screen ............................................................................................. 90

Figure 57 The Profile Edit > Radio > Edit Screen ................................................................................... 91

Figure 58 System > General .................................................................................................................. 97

Figure 59 SYSTEM > Password. ............................................................................................................ 99

Figure 60 SYSTEM > Time Setting ...................................................................................................... 100

Figure 61 Basic Service set .................................................................................................................. 103

Figure 62 Extended Service Set ........................................................................................................... 104

Figure 63 DiffServ: Differentiated Service Field .................................................................................... 107

Figure 64 Wireless: Access Point (NWA-3160 and NWA-3163) ............................................................112

Figure 65 Wireless: Access Point (NWA-3165) .....................................................................................114

Figure 66 Bridging Example ..................................................................................................................116

Figure 67 Bridge Loop: Two Bridges Connected to Hub .......................................................................117

Figure 68 Bridge Loop: Bridge Connected to Wired LAN ......................................................................117

Figure 69 Wireless: Bridge/Repeater (NWA-3160 and NWA-3163 Only) ..............................................118

Figure 70 Wireless: AP+Bridge ............................................................................................................ 120

Figure 71 EAP Authentication .............................................................................................................. 122

Figure 72 WPA(2)-PSK Authentication ................................................................................................. 124

Figure 73 WPA(2) with RADIUS Application Example ......................................................................... 125

Figure 74 Wireless > Security ............................................................................................................... 127

Figure 75 WIRELESS > Security: WEP ................................................................................................ 128

Figure 76 Security: 802.1x Only .......................................................................................................... 129

Figure 77 Security: 802.1x Static 64-bit, 802.1x Static 128-bit ............................................................ 130

Figure 78 Security: WPA ..................................................................................................................... 131

Figure 79 Security:WPA2 or WPA2-MIX ............................................................................................... 132

Figure 80 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX ........................................................... 133

Figure 81 RADIUS ................................................................................................................................ 134

ZyXEL NWA-3160 Series User’s Guide

List of Figures

Figure 82 Multiple BSS with VLAN Example ........................................................................................ 138

Figure 83 Wireless: Multiple BSS ......................................................................................................... 138

Figure 84 SSID ..................................................................................................................................... 141

Figure 85 Configuring SSID .................................................................................................................. 142

Figure 86 Layer-2 Isolation Application ................................................................................................ 146

Figure 87 WIRELESS > Layer 2 Isolation ............................................................................................ 147

Figure 88 WIRELESS > Layer-2 Isolation Configuration Screen ......................................................... 148

Figure 89 Layer-2 Isolation Example Configuration ............................................................................. 149

Figure 90 Layer-2 Isolation Example 1 ................................................................................................. 149

Figure 91 Layer-2 Isolation Example 2 ................................................................................................. 150

Figure 92 WIRELESS > MAC Filter ...................................................................................................... 150

Figure 93 MAC Address Filter .............................................................................................................. 151

Figure 94 Roaming Example ................................................................................................................ 153

Figure 95 Roaming ............................................................................................................................... 154

Figure 96 IP Setup ................................................................................................................................ 156

Figure 97 Rogue AP: Example ............................................................................................................ 158

Figure 98 “Honeypot” Attack ................................................................................................................. 159

Figure 99 ROGUE AP > Configuration ................................................................................................. 160

Figure 100 ROGUE AP > Friendly AP .................................................................................................. 161

Figure 101 ROGUE AP > Rogue AP .................................................................................................... 162

Figure 102 Telnet Configuration on a TCP/IP Network ......................................................................... 164

Figure 103 Remote Management: Telnet ............................................................................................. 164

Figure 104 Remote Management: FTP ................................................................................................ 165

Figure 105 Remote Management: WWW ............................................................................................. 166

Figure 106 SNMP Management Model ................................................................................................ 168

Figure 107 Remote Management: SNMP ............................................................................................ 171

Figure 108 Remote Management: SNMPv3 User Profile ..................................................................... 172

Figure 109 Internal RADIUS Server Setting Screen ............................................................................. 176

Figure 110 Trusted AP Overview .......................................................................................................... 178

Figure 111 Trusted AP Screen .............................................................................................................. 179

Figure 112 Trusted Users Screen ......................................................................................................... 180

Figure 113 Certificates on Your Computer ............................................................................................ 182

Figure 114 Certificate Details ............................................................................................................... 183

Figure 115 My Certificates .................................................................................................................... 184

Figure 116 My Certificate Import .......................................................................................................... 186

Figure 117 My Certificate Create .......................................................................................................... 187

Figure 118 My Certificate Details .......................................................................................................... 190

Figure 119 Trusted CAs ........................................................................................................................ 192

Figure 120 Trusted CA Import .............................................................................................................. 194

Figure 121 Trusted CA Details ............................................................................................................. 195

Figure 122 View Log ............................................................................................................................. 199

Figure 123 Log Settings ....................................................................................................................... 201

Figure 124 WIRELESS VLAN .............................................................................................................. 209

ZyXEL NWA-3160 Series User’s Guide

List of Figures

Figure 125 RADIUS VLAN ................................................................................................................... 210

Figure 126 Management VLAN Configuration Example ....................................................................... 212

Figure 127 VLAN-Aware Switch - Static VLAN .....................................................................................212

Figure 128 VLAN-Aware Switch ........................................................................................................... 212

Figure 129 VLAN-Aware Switch - VLAN Status .................................................................................... 213

Figure 130 VLAN Setup ........................................................................................................................ 213

Figure 131 New Global Security Group ............................................................................................... 215

Figure 132 Add Group Members ......................................................................................................... 215

Figure 133 New Remote Access Policy for VLAN Group .................................................................... 216

Figure 134 Specifying Windows-Group Condition ................................................................................ 216

Figure 135 Adding VLAN Group .......................................................................................................... 217

Figure 136 Granting Permissions and User Profile Screens ............................................................... 217

Figure 137 Authentication Tab Settings ................................................................................................ 218

Figure 138 Encryption Tab Settings ..................................................................................................... 218

Figure 139 Connection Attributes Screen ............................................................................................ 219

Figure 140 RADIUS Attribute Screen .................................................................................................. 219

Figure 141 802 Attribute Setting for Tunnel-Medium-Type .................................................................. 220

Figure 142 VLAN ID Attribute Setting for Tunnel-Pvt-Group-ID .......................................................... 220

Figure 143 VLAN Attribute Setting for Tunnel-Type ............................................................................ 221

Figure 144 Completed Advanced Tab .................................................................................................. 221

Figure 145 Second Rx VLAN ID Example ............................................................................................ 222

Figure 146 Configuring SSID: Second Rx VLAN ID Example .............................................................. 223

Figure 147 System Status .................................................................................................................... 225

Figure 148 System Status: Show Statistics .......................................................................................... 226

Figure 149 Association List .................................................................................................................. 227

Figure 150 Channel Usage ................................................................................................................... 227

Figure 151 Firmware Upload ................................................................................................................ 228

Figure 152 Firmware Upload In Process .............................................................................................. 229

Figure 153 Network Temporarily Disconnected ....................................................................................229

Figure 154 Firmware Upload Error ....................................................................................................... 230

Figure 155 Configuration ...................................................................................................................... 230

Figure 156 Configuration Upload Successful ....................................................................................... 231

Figure 157 Network Temporarily Disconnected ....................................................................................231

Figure 158 Configuration Upload Error ................................................................................................. 232

Figure 159 Reset Warning Message .................................................................................................... 232

Figure 160 Restart Screen ................................................................................................................... 232

Figure 161 Wall-mounting Example ...................................................................................................... 245

Figure 162 Masonry Plug and M4 Tap Screw .......................................................................................245

Figure 163 WIndows 95/98/Me: Network: Configuration ...................................................................... 252

Figure 164 Windows 95/98/Me: TCP/IP Properties: IP Address .......................................................... 253

Figure 165 Windows 95/98/Me: TCP/IP Properties: DNS Configuration .............................................. 254

Figure 166 Windows XP: Start Menu .................................................................................................... 255

Figure 167 Windows XP: Control Panel ............................................................................................... 255

ZyXEL NWA-3160 Series User’s Guide

List of Figures

Figure 168 Windows XP: Control Panel: Network Connections: Properties ......................................... 256

Figure 169 Windows XP: Local Area Connection Properties ............................................................... 256

Figure 170 Windows XP: Advanced TCP/IP Settings .......................................................................... 257

Figure 171 Windows XP: Internet Protocol (TCP/IP) Properties .......................................................... 258

Figure 172 Macintosh OS 8/9: Apple Menu .......................................................................................... 259

Figure 173 Macintosh OS 8/9: TCP/IP ................................................................................................. 259

Figure 174 Macintosh OS X: Apple Menu ............................................................................................ 260

Figure 175 Macintosh OS X: Network .................................................................................................. 261

Figure 176 Peer-to-Peer Communication in an Ad-hoc Network ......................................................... 263

Figure 177 Basic Service Set ............................................................................................................... 264

Figure 178 Infrastructure WLAN ........................................................................................................... 265

Figure 179 RTS/CTS ............................................................................................................................ 266

Figure 180 WPA(2) with RADIUS Application Example ....................................................................... 273

Figure 181 WPA(2)-PSK Authentication ............................................................................................... 274

Figure 182 Pop-up Blocker ................................................................................................................... 277

Figure 183 Internet Options: Privacy .................................................................................................... 278

Figure 184 Internet Options: Privacy .................................................................................................... 279

Figure 185 Pop-up Blocker Settings ..................................................................................................... 279

Figure 186 Internet Options: Security ................................................................................................... 280

Figure 187 Security Settings - Java Scripting ....................................................................................... 281

Figure 188 Security Settings - Java ...................................................................................................... 281

Figure 189 Java (Sun) .......................................................................................................................... 282

Figure 190 Network Number and Host ID ............................................................................................ 284

Figure 191 Subnetting Example: Before Subnetting ............................................................................ 286

Figure 192 Subnetting Example: After Subnetting ............................................................................... 287

Figure 193 Text File Based Auto Configuration .................................................................................... 291

Figure 194 Configuration File Format ................................................................................................... 293

Figure 195 WEP Configuration File Example ....................................................................................... 294

Figure 196 802.1X Configuration File Example .................................................................................... 295

Figure 197 WPA-PSK Configuration File Example ............................................................................... 295

Figure 198 WPA Configuration File Example ....................................................................................... 296

Figure 199 Wlan Configuration File Example ....................................................................................... 297

ZyXEL NWA-3160 Series User’s Guide

List of Figures

ZyXEL NWA-3160 Series User’s Guide

List of Tables

Table 1 Models Covered ........................................................................................................................ 31

Table 2 LEDs ......................................................................................................................................... 38

Table 3 Tutorial: Example Information ................................................................................................... 49

Table 4 Tutorial: Rogue AP Example Information .................................................................................. 59

Table 5 Tutorial: Friendly AP Information ............................................................................................... 60

Table 6 Tutorial: SSID Profile Security Settings ..................................................................................... 66

Table 7 Tutorial: Example Network MAC Addresses ............................................................................. 66

Table 8 Tutorial: Example User MAC Addresses ................................................................................... 66

Table 9 Tutorial: SERVER_2 Network Information ................................................................................69

Table 10 The Status Screen .................................................................................................................. 74

Table 11 The Management Mode Screen .............................................................................................. 79

Table 12 AP Controller: the Status Screen ............................................................................................ 82

Table 13 AP List Status .......................................................................................................................... 83

Table 14 AP Statistics ............................................................................................................................ 83

Table 15 AP Association List ................................................................................................................. 84

Table 16 AP Association List ................................................................................................................. 85

Table 17 Navigation Bar Labels ............................................................................................................. 85

Table 18 The Controller > AP Lists Screen ............................................................................................ 87

Table 19 The Controller > AP Lists > Edit Screen ................................................................................. 88

Table 20 The Controller > Configuration Screen ................................................................................... 89

Table 21 The Profile Edit > Radio Screen .............................................................................................. 90

Table 22 The Profile Edit > Radio > Edit Screen ................................................................................... 92

Table 23 System > General ................................................................................................................... 97

Table 24 Password ................................................................................................................................ 99

Table 25 SYSTEM > Time Setting ....................................................................................................... 101

Table 26 Default Time Servers ............................................................................................................ 102

Table 27 WMM QoS Priorities ............................................................................................................. 105

Table 28 Typical Packet Sizes ............................................................................................................. 106

Table 29 Automatic Traffic Classifier Priorities .................................................................................... 106

Table 30 ATC + WMM Priority Assignment (LAN to WLAN) ................................................................ 107

Table 31 ATC + WMM Priority Assignment (WLAN to LAN) ................................................................ 107

Table 32 ToS and IEEE 802.1d to WMM QoS Priority Level Mapping ................................................ 108

Table 33 STP Path Costs .................................................................................................................... 109

Table 34 STP Port States .....................................................................................................................110

Table 35 Wireless: Access Point (NWA-3160 and NWA-3163) ............................................................112

Table 36 Wireless: Access Point (NWA-3165) ......................................................................................114

Table 37 Wireless: Bridge/Repeater (NWA-3160 and NWA-3163 Only) ..............................................118

Table 38 Security Modes ..................................................................................................................... 125

ZyXEL NWA-3160 Series User’s Guide

List of Tables

Table 39 Wireless Security Levels ....................................................................................................... 126

Table 40 WIRELESS > Security .......................................................................................................... 127

Table 41 Security: WEP ....................................................................................................................... 128

Table 42 Security: 802.1x Only ............................................................................................................ 129

Table 43 Security: 802.1x Static 64-bit, 802.1x Static 128-bit .............................................................. 130

Table 44 Security: WPA ....................................................................................................................... 131

Table 45 Security: WPA2 or WPA2-MIX .............................................................................................. 132

Table 46 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX ........................................................... 133

Table 47 RADIUS ................................................................................................................................ 134

Table 48 Wireless: Multiple BSS .......................................................................................................... 139

Table 49 SSID ...................................................................................................................................... 141

Table 50 Configuring SSID .................................................................................................................. 142

Table 51 WIRELESS > Layer-2 Isolation ............................................................................................. 147

Table 52 WIRELESS > Layer-2 Isolation Configuration ...................................................................... 148

Table 53 WIRELESS > MAC Filter ...................................................................................................... 151

Table 54 MAC Address Filter ............................................................................................................... 152

Table 55 Private IP Address Ranges ................................................................................................... 155

Table 56 IP Setup ................................................................................................................................ 156

Table 57 ROGUE AP > Configuration .................................................................................................. 160

Table 58 ROGUE AP > Friendly AP .................................................................................................... 161

Table 59 ROGUE AP > Rogue AP ....................................................................................................... 162

Table 60 Remote Management Overview ...........................................................................................163

Table 61 Remote Management: Telnet ................................................................................................ 164

Table 62 Remote Management: FTP ................................................................................................... 165

Table 63 Remote Management: WWW ...............................................................................................166

Table 64 SNMP Traps .......................................................................................................................... 169

Table 65 SNMP Interface Index to Physical and Virtual Port Mapping ................................................ 169

Table 66 Remote Management: SNMP ............................................................................................... 171

Table 67 Remote Management: SNMP User Profile ........................................................................... 173

Table 68 Internal RADIUS Server Setting Screen Setting ................................................................... 176

Table 69 Trusted AP ............................................................................................................................ 179

Table 70 Trusted Users ........................................................................................................................ 180

Table 71 My Certificates ...................................................................................................................... 184

Table 72 My Certificate Import ............................................................................................................. 186

Table 73 My Certificate Create ............................................................................................................ 187

Table 74 My Certificate Details ............................................................................................................ 190

Table 75 Trusted CAs .......................................................................................................................... 193

Table 76 Trusted CA Import ................................................................................................................. 194

Table 77 Trusted CA Details ................................................................................................................ 195

Table 78 View Log ............................................................................................................................... 199

Table 79 Log Settings .......................................................................................................................... 201

Table 80 System Maintenance Logs .................................................................................................... 202

Table 81 ICMP Notes ........................................................................................................................... 203

ZyXEL NWA-3160 Series User’s Guide

List of Tables

Table 82 Sys log .................................................................................................................................. 204

Table 83 Log Categories and Available Settings ................................................................................. 204

Table 84 WIRELESS VLAN ................................................................................................................. 209

Table 85 RADIUS VLAN .......................................................................................................................211

Table 86 Standard RADIUS Attributes ................................................................................................. 214

Table 87 System Status ....................................................................................................................... 225

Table 88 System Status: Show Statistics ............................................................................................. 226

Table 89 Association List ..................................................................................................................... 227

Table 90 Channel Usage ..................................................................................................................... 228

Table 91 Firmware Upload ................................................................................................................... 228

Table 92 Restore Configuration ........................................................................................................... 231

Table 93 Hardware Specifications ....................................................................................................... 241

Table 94 Firmware Specifications ........................................................................................................ 243

Table 95 North American Plug Standards ............................................................................................ 245

Table 96 European Plug Standards ..................................................................................................... 246

Table 97 United Kingdom Plug Standards ........................................................................................... 246

Table 98 Australia and New Zealand Plug Standards ......................................................................... 246

Table 99 Power over Ethernet Injector Specifications ........................................................................ 246

Table 100 Power over Ethernet Injector RJ-45 Port Pin Assignments ................................................ 246

Table 101 IEEE 802.11g ...................................................................................................................... 267

Table 102 Wireless Security Levels ..................................................................................................... 268

Table 103 Comparison of EAP Authentication Types .......................................................................... 271

Table 104 Wireless Security Relational Matrix .................................................................................... 274

Table 105 Subnet Masks ..................................................................................................................... 284

Table 106 Subnet Masks ..................................................................................................................... 285

Table 107 Maximum Host Numbers .................................................................................................... 285

Table 108 Alternative Subnet Mask Notation ....................................................................................... 285

Table 109 Subnet 1 .............................................................................................................................. 287

Table 110 Subnet 2 .............................................................................................................................. 288

Table 111 Subnet 3 .............................................................................................................................. 288

Table 112 Subnet 4 .............................................................................................................................. 288

Table 113 Eight Subnets ...................................................................................................................... 288

Table 114 24-bit Network Number Subnet Planning ............................................................................ 289

Table 115 16-bit Network Number Subnet Planning ............................................................................ 289

Table 116 Auto Configuration by DHCP .............................................................................................. 292

Table 117 Manual Configuration .......................................................................................................... 292

Table 118 Configuration via SNMP ...................................................................................................... 292

Table 119 Displaying the File Version .................................................................................................. 293

Table 120 Displaying the File Version .................................................................................................. 293

Table 121 Displaying the Auto Configuration Status ............................................................................294

ZyXEL NWA-3160 Series User’s Guide

List of Tables

ZyXEL NWA-3160 Series User’s Guide

PART I

Introduction

Introducing the ZyXEL Device (31)

Introducing the Web Configurator (41)

Tutorial (45)

Status Screens (73)

Management Mode (77)

AP Controller Mode (NWA-3160 Only) (81)

+ 284 hidden pages