ZyXEL Communications NWA-3160 Series User Manual

Loading...

NWA-3160 Series

IEEE 802.11a/b/g Business WLAN Access Point IEEE 802.11b/g Business WLAN Access Point

User’s Guide

Version 3.60 7/2007 Edition 1

DEFAULT LOGIN

IP Address

http://192.168.1.2

 

 

Password 1234

www.zyxel.com

About This User's Guide

About This User's Guide

Intended Audience

This manual is intended for people who want to configure the ZyXEL Device using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology.

Related Documentation

Quick Start Guide

The Quick Start Guide is designed to help you get up and running right away. It contains information on setting up your network and configuring for Internet access.

Supporting Disk

Refer to the included CD for support documents.

ZyXEL Web Site

Please refer to www.zyxel.com for additional support documentation and product certifications.

User Guide Feedback

Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead. Thank you!

The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan.

E-mail: techwriters@zyxel.com.tw

ZyXEL NWA-3160 Series User’s Guide

3

Document Conventions

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this User’s Guide.

Warnings tell you about things that could harm you or your device.

"Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.

Syntax Conventions

The NWA-3160 or NWA-3163 may be referred to as the “ZyXEL Device”, the “device” or the “system” in this User’s Guide.

Product labels, screen names, field labels and field choices are all in bold font.

A key stroke is denoted by square brackets and uppercase text, for example, [ENTER] means the “enter” or “return” key on your keyboard.

“Enter” means for you to type one or more characters and then press the [ENTER] key. “Select” or “choose” means for you to use one of the predefined choices.

A right angle bracket ( > ) within a screen name denotes a mouse click. For example,

Maintenance > Log > Log Setting means you first click Maintenance in the navigation panel, then the Log sub menu and finally the Log Setting tab to get to that screen.

Units of measurement may denote the “metric” value or the “scientific” value. For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000” or “1048576” and so on.

“e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.

4

ZyXEL NWA-3160 Series User’s Guide

Document Conventions

Icons Used in Figures

Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is not an exact representation of your device.

ZyXEL Device

Computer

Notebook computer

 

 

 

Server

DSLAM

Firewall

 

 

 

Telephone

Switch

Router

 

 

 

ZyXEL NWA-3160 Series User’s Guide

5

Safety Warnings

Safety Warnings

For your safety, be sure to read and follow all warning notices and instructions.

Do NOT use this product near water, for example, in a wet basement or near a swimming pool.

Do NOT expose your device to dampness, dust or corrosive liquids.

Do NOT store things on the device.

Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning.

Connect ONLY suitable accessories to the device.

ONLY qualified service personnel should service or disassemble this device.

Make sure to connect the cables to the correct ports.

Place connecting cables carefully so that no one will step on them or stumble over them.

Always disconnect all cables from this device before servicing or disassembling.

Use ONLY an appropriate power adaptor or cord for your device.

Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in North America or 230V AC in Europe).

Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord.

Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution.

If the power adaptor or cord is damaged, remove it from the power outlet.

Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a new one.

Do not use the device outside, and make sure all the connections are indoors. There is a remote risk of electric shock from lightning.

Antenna Warning! This device meets ETSI and FCC certification requirements when using the included antenna(s). Only use the included antenna(s).

If you wall mount your device, make sure that no electrical lines, gas or water pipes will be damaged.

The PoE (Power over Ethernet) devices that supply or receive power and their connected Ethernet cables must all be completely indoors.

This product is recyclable. Dispose of it properly.

6

ZyXEL NWA-3160 Series User’s Guide

Safety Warnings

ZyXEL NWA-3160 Series User’s Guide

7

Safety Warnings

8

ZyXEL NWA-3160 Series User’s Guide

Contents Overview

Contents Overview

Introduction ............................................................................................................................

31

Introducing the ZyXEL Device ...................................................................................................

33

Introducing the Web Configurator ..............................................................................................

41

Status Screens ..........................................................................................................................

45

Tutorial .......................................................................................................................................

49

The Web Configurator ...........................................................................................................

75

System Screens ........................................................................................................................

77

Wireless Configuration ..............................................................................................................

83

Wireless Security Configuration ................................................................................................

99

MBSSID and SSID ...................................................................................................................

115

Other Wireless Configuration ..................................................................................................

123

IP Screen .................................................................................................................................

133

Rogue AP ................................................................................................................................

135

Remote Management Screens ................................................................................................

141

Internal RADIUS Server ..........................................................................................................

151

Certificates ...............................................................................................................................

157

Log Screens ............................................................................................................................

175

VLAN .......................................................................................................................................

181

Maintenance ............................................................................................................................

199

SMT and Troubleshooting ...................................................................................................

207

Introducing the SMT ................................................................................................................

209

General Setup .........................................................................................................................

215

LAN Setup ...............................................................................................................................

217

SNMP Configuration ................................................................................................................

219

System Password ....................................................................................................................

221

System Information and Diagnosis ..........................................................................................

223

Firmware and Configuration File Maintenance ........................................................................

229

System Maintenance and Information .....................................................................................

235

Troubleshooting .......................................................................................................................

243

Appendices and Index .........................................................................................................

249

ZyXEL NWA-3160 Series User’s Guide

9

Contents Overview

10

ZyXEL NWA-3160 Series User’s Guide

Table of Contents

Table of Contents

About This User's Guide ..........................................................................................................

3

Document Conventions............................................................................................................

4

Safety Warnings........................................................................................................................

6

Contents Overview ...................................................................................................................

9

Table of Contents....................................................................................................................

11

List of Figures .........................................................................................................................

21

List of Tables...........................................................................................................................

27

Part I: Introduction.................................................................................

31

Chapter 1

 

Introducing the ZyXEL Device ...............................................................................................

33

1.1

Introducing the ZyXEL Device ............................................................................................

33

1.2

Applications for the ZyXEL Device ......................................................................................

33

 

1.2.1 Access Point ..............................................................................................................

34

 

1.2.2 Bridge / Repeater .......................................................................................................

34

 

1.2.3 AP + Bridge ................................................................................................................

35

 

1.2.4 MBSSID .....................................................................................................................

36

 

1.2.5 Pre-Configured SSID Profiles ....................................................................................

37

1.3

Ways to Manage the ZyXEL Device ....................................................................................

38

1.4

Good Habits for Managing the ZyXEL Device .....................................................................

38

1.5

Hardware Connections ........................................................................................................

38

1.6

LEDs ....................................................................................................................................

39

Chapter 2

 

Introducing the Web Configurator ........................................................................................

41

2.1

Accessing the Web Configurator .........................................................................................

41

2.2

Resetting the ZyXEL Device ................................................................................................

42

 

2.2.1 Methods of Restoring Factory-Defaults ......................................................................

43

2.3

Navigating the Web Configurator .........................................................................................

43

Chapter 3

 

Status Screens ........................................................................................................................

45

ZyXEL NWA-3160 Series User’s Guide

11

Table of Contents

 

3.1

The Status Screen ...............................................................................................................

45

Chapter 4

 

Tutorial .....................................................................................................................................

 

49

4.1

How to Configure the Wireless LAN ....................................................................................

49

 

4.1.1 Choosing the Wireless Mode .....................................................................................

49

 

4.1.2 Wireless LAN Configuration Overview .......................................................................

49

 

4.1.3 Further Reading .........................................................................................................

51

4.2

How to Configure Multiple Wireless Networks .....................................................................

51

 

4.2.1 Change the Operating Mode ......................................................................................

52

 

4.2.2 Configure the VoIP Network .......................................................................................

54

 

4.2.2.1 Set Up Security for the VoIP Profile ................................................

55

 

4.2.2.2 Activate the VoIP Profile ..................................................................

57

 

4.2.3 Configure the Guest Network .....................................................................................

57

 

4.2.3.1 Set Up Security for the Guest Profile ..............................................

58

 

4.2.3.2 Set up Layer 2 Isolation ..................................................................

59

 

4.2.3.3 Activate the Guest Profile ................................................................

60

 

4.2.4 Testing the Wireless Networks ...................................................................................

60

4.3

How to Set Up and Use Rogue AP Detection .....................................................................

61

 

4.3.1 Set Up and Save a Friendly AP list ............................................................................

63

 

4.3.2 Activate Periodic Rogue AP Detection .......................................................................

65

 

4.3.3 Set Up E-mail Logs ....................................................................................................

66

 

4.3.4 Configure Your Other Access Points ..........................................................................

67

 

4.3.5 Test the Setup ............................................................................................................

67

4.4

Using Multiple MAC Filters and L-2 Isolation Profiles ..........................................................

68

 

4.4.1 Scenario .....................................................................................................................

68

 

4.4.2 Your Requirements .....................................................................................................

68

 

4.4.3 Setup ..........................................................................................................................

69

 

4.4.4 Configure the SERVER_1 Network ............................................................................

69

 

4.4.5 Configure the SERVER_2 Network ............................................................................

72

 

4.4.6 Checking your Settings and Testing the Configuration ..............................................

73

 

4.4.6.1 Checking Settings ...........................................................................

73

 

4.4.6.2 Testing the Configuration ................................................................

73

Part II: The Web Configurator ...............................................................

75

Chapter 5

 

System Screens ......................................................................................................................

77

5.1

System Overview .................................................................................................................

77

5.2

Configuring General Setup ..................................................................................................

77

5.3

Administrator Authentication on RADIUS ............................................................................

78

12

ZyXEL NWA-3160 Series User’s Guide

 

 

Table of Contents

 

5.3.1 Configuring Password ................................................................................................

78

5.4

Configuring Time Setting ....................................................................................................

80

5.5

Pre-defined NTP Time Servers List .....................................................................................

82

Chapter 6

 

Wireless Configuration...........................................................................................................

83

6.1

Wireless LAN Overview .......................................................................................................

83

 

6.1.1 BSS ............................................................................................................................

83

 

6.1.2 ESS ............................................................................................................................

84

6.2

Wireless LAN Basics ...........................................................................................................

84

6.3

Quality of Service ................................................................................................................

85

 

6.3.1 WMM QoS ..................................................................................................................

85

 

6.3.1.1 WMM QoS Priorities ........................................................................

85

 

6.3.2 ATC ............................................................................................................................

85

 

6.3.3 ATC+WMM .................................................................................................................

86

 

6.3.3.1 ATC+WMM from LAN to WLAN ......................................................

86

 

6.3.3.2 ATC+WMM from WLAN to LAN ......................................................

87

 

6.3.4 Type Of Service (ToS) ................................................................................................

87

 

6.3.4.1 DiffServ ............................................................................................

87

 

6.3.4.2 DSCP and Per-Hop Behavior ..........................................................

87

 

6.3.5 ToS (Type of Service) and WMM QoS .......................................................................

88

6.4

Spanning Tree Protocol (STP) .............................................................................................

88

 

6.4.1 Rapid STP ..................................................................................................................

88

 

6.4.2 STP Terminology ........................................................................................................

89

 

6.4.3 How STP Works .........................................................................................................

89

 

6.4.4 STP Port States ..........................................................................................................

90

6.5

DFS .....................................................................................................................................

90

6.6

Wireless Screen Overview ..................................................................................................

90

6.7

Configuring Wireless Settings .............................................................................................

91

 

6.7.1 Access Point Mode ....................................................................................................

91

 

6.7.2 Bridge/Repeater Mode ...............................................................................................

92

 

6.7.3 AP+Bridge Mode ........................................................................................................

96

 

6.7.4 MBSSID Mode ...........................................................................................................

97

Chapter 7

 

Wireless Security Configuration ...........................................................................................

99

7.1

Wireless Security Overview .................................................................................................

99

 

7.1.1 Encryption ..................................................................................................................

99

 

7.1.2 Restricted Access ......................................................................................................

99

 

7.1.3 Hide Identity ...............................................................................................................

99

 

7.1.4 WEP Encryption .........................................................................................................

99

7.2

802.1x Overview ................................................................................................................

100

7.3

EAP Authentication Overview ............................................................................................

100

ZyXEL NWA-3160 Series User’s Guide

13

Table of Contents

 

7.4

Introduction to WPA ...........................................................................................................

100

 

7.4.1 User Authentication .................................................................................................

101

 

7.4.2 Encryption ...............................................................................................................

101

 

7.4.3 WPA(2)-PSK Application Example ...........................................................................

101

7.5

WPA(2) with External RADIUS Application Example .........................................................

102

7.6

Security Modes ..................................................................................................................

103

7.7

Wireless Client WPA Supplicants ......................................................................................

104

7.8

Wireless Security Effectiveness .........................................................................................

104

7.9

Configuring Security ..........................................................................................................

104

 

7.9.1 Security: WEP ..........................................................................................................

105

 

7.9.2 Security: 802.1x Only ...............................................................................................

106

 

7.9.3 Security: 802.1x Static 64-bit, 802.1x Static 128-bit .................................................

107

 

7.9.4 Security: WPA ..........................................................................................................

109

 

7.9.5 Security: WPA2 or WPA2-MIX ..................................................................................

109

 

7.9.6 Security: WPA-PSK, WPA2-PSK, WPA2-PSK-MIX ...................................................

111

7.10 Introduction to RADIUS ....................................................................................................

112

7.11 Configuring RADIUS .........................................................................................................

112

Chapter 8

 

MBSSID and SSID .................................................................................................................

115

8.1

Wireless LAN Infrastructures ..............................................................................................

115

 

8.1.1 MBSSID ....................................................................................................................

115

 

8.1.2 Notes on Multiple BSS ..............................................................................................

115

 

8.1.3 Multiple BSS Example ...............................................................................................

115

 

8.1.4 Multiple BSS with VLAN Example .............................................................................

115

 

8.1.5 Configuring Multiple BSSs ........................................................................................

116

8.2

SSID ...................................................................................................................................

118

 

8.2.1 The SSID Screen ......................................................................................................

118

 

8.2.2 Configuring SSID ......................................................................................................

119

Chapter 9

 

Other Wireless Configuration ..............................................................................................

123

9.1

Layer-2 Isolation Introduction ............................................................................................

123

9.2

The Layer-2 Isolation Screen ............................................................................................

124

9.3

Configuring Layer-2 Isolation .............................................................................................

125

 

9.3.1 Layer-2 Isolation Examples ......................................................................................

126

 

9.3.1.1 Layer-2 Isolation Example 1 ..........................................................

127

 

9.3.1.2 Layer-2 Isolation Example 2 ..........................................................

127

9.4

The MAC Filter Screen ......................................................................................................

128

 

9.4.1 Configuring MAC Filtering ........................................................................................

129

9.5

Configuring Roaming .........................................................................................................

130

 

9.5.1 Requirements for Roaming ......................................................................................

131

14

ZyXEL NWA-3160 Series User’s Guide

 

 

Table of Contents

Chapter 10

 

IP Screen................................................................................................................................

 

133

10.1

Factory Ethernet Defaults ................................................................................................

133

10.2

TCP/IP Parameters .........................................................................................................

133

10.2.1 WAN IP Address Assignment .................................................................................

133

10.3

Configuring IP ..................................................................................................................

134

Chapter 11

 

Rogue AP...............................................................................................................................

 

135

11.1 Rogue AP Introduction .....................................................................................................

135

11.2 Rogue AP Examples ........................................................................................................

135

11.2.1 “Honeypot” Attack ...................................................................................................

136

11.3 Configuring Rogue AP Detection .....................................................................................

137

11.3.1 Rogue AP: Configuration ........................................................................................

137

11.3.2 Rogue AP: Friendly AP ..........................................................................................

138

11.3.3 Rogue AP List ........................................................................................................

139

Chapter 12

 

Remote Management Screens.............................................................................................

141

12.1

Remote Management Overview ......................................................................................

141

12.1.1 Remote Management Limitations ..........................................................................

141

12.1.2 System Timeout ....................................................................................................

141

12.2

Configuring Telnet ............................................................................................................

142

12.3

Configuring FTP ..............................................................................................................

143

12.4

Configuring WWW ...........................................................................................................

144

12.5 SNMP ..............................................................................................................................

145

12.5.1 Supported MIBs .....................................................................................................

146

12.5.2 SNMP Traps ...........................................................................................................

147

12.6 SNMP Traps ....................................................................................................................

147

12.6.1 Configuring SNMP .................................................................................................

148

Chapter 13

 

Internal RADIUS Server........................................................................................................

151

13.1

Internal RADIUS Overview ..............................................................................................

151

13.2

Internal RADIUS Server Setting ......................................................................................

151

13.3

Trusted AP Overview .......................................................................................................

153

13.4

Configuring Trusted AP ...................................................................................................

154

13.5

Configuring Trusted Users ...............................................................................................

155

Chapter 14

 

Certificates ............................................................................................................................

157

14.1

Certificates Overview .......................................................................................................

157

14.1.1 Advantages of Certificates .....................................................................................

158

ZyXEL NWA-3160 Series User’s Guide

15

Table of Contents

 

14.2

Self-signed Certificates ....................................................................................................

158

14.3

Verifying a Certificate .......................................................................................................

158

14.3.1 Checking the Fingerprint of a Certificate on Your Computer ..................................

158

14.4

Configuration Summary ...................................................................................................

159

14.5

My Certificates .................................................................................................................

159

14.6

Certificate File Formats ....................................................................................................

161

14.7

Importing a Certificate .....................................................................................................

162

14.8

Creating a Certificate .......................................................................................................

163

14.9

My Certificate Details .......................................................................................................

165

14.10 Trusted CAs ...................................................................................................................

168

14.11 Importing a Trusted CA’s Certificate ..............................................................................

169

14.12 Trusted CA Certificate Details .......................................................................................

170

Chapter 15

 

Log Screens ..........................................................................................................................

175

15.1

Configuring View Log .......................................................................................................

175

15.2

Configuring Log Settings .................................................................................................

176

15.3

Example Log Messages ..................................................................................................

178

15.4 Log Commands ...............................................................................................................

179

15.4.1 Configuring What You Want the ZyXEL Device to Log ..........................................

179

15.4.2 Displaying Logs ......................................................................................................

180

15.5 Log Command Example ..................................................................................................

180

Chapter 16

 

VLAN ......................................................................................................................................

 

181

16.1 VLAN ...............................................................................................................................

181

16.1.1 Management VLAN ID ...........................................................................................

181

16.1.2 VLAN Tagging ........................................................................................................

181

16.2

Configuring VLAN ............................................................................................................

182

16.2.1 Wireless VLAN .......................................................................................................

182

16.2.2 RADIUS VLAN .......................................................................................................

184

16.2.3 Configuring Management VLAN Example .............................................................

185

16.2.4 Configuring Microsoft’s IAS Server Example .........................................................

188

 

16.2.4.1 Configuring VLAN Groups ...........................................................

188

 

16.2.4.2 Configuring Remote Access Policies ..........................................

189

16.2.5 Second Rx VLAN ID Example ................................................................................

196

 

16.2.5.1 Second Rx VLAN Setup Example ...............................................

196

Chapter 17

 

Maintenance ..........................................................................................................................

199

17.1

Maintenance Overview ....................................................................................................

199

17.2

System Status Screen .....................................................................................................

199

17.2.1 System Statistics ....................................................................................................

200

16

ZyXEL NWA-3160 Series User’s Guide

 

 

Table of Contents

17.3

Association List ................................................................................................................

200

17.4

Channel Usage ................................................................................................................

201

17.5

F/W Upload Screen .........................................................................................................

202

17.6

Configuration Screen .......................................................................................................

204

17.6.1 Backup Configuration .............................................................................................

204

17.6.2 Restore Configuration ...........................................................................................

205

17.6.3 Back to Factory Defaults ........................................................................................

206

17.7

Restart Screen .................................................................................................................

206

Part III: SMT and Troubleshooting......................................................

207

Chapter 18

 

Introducing the SMT .............................................................................................................

209

18.1

Introduction to the SMT ...................................................................................................

209

18.2

Accessing the SMT via the Console Port ........................................................................

209

18.2.1 Initial Screen ..........................................................................................................

209

18.2.2 Entering the Password ...........................................................................................

210

18.3

Connect to your ZyXEL Device Using Telnet ....................................................................

211

18.4

Changing the System Password ......................................................................................

211

18.5 SMT Menu Overview Example ........................................................................................

212

18.6

Navigating the SMT Interface ..........................................................................................

212

18.6.1 System Management Terminal Interface Summary ...............................................

214

Chapter 19

 

General Setup........................................................................................................................

215

19.1

General Setup .................................................................................................................

215

19.1.1 Procedure To Configure Menu 1 ............................................................................

215

Chapter 20

 

LAN Setup

..............................................................................................................................

217

20.1

LAN Setup .......................................................................................................................

217

20.2

TCP/IP Ethernet Setup ....................................................................................................

217

Chapter 21

 

SNMP Configuration .............................................................................................................

219

21.1 ........................................................................................................

SNMP Configuration

219

Chapter 22

 

System Password .................................................................................................................

221

22.1 ............................................................................................................

System Password

221

ZyXEL NWA-3160 Series User’s Guide

17

Table of Contents

Chapter 23

 

System Information and Diagnosis.....................................................................................

223

23.1

System Status ..................................................................................................................

223

23.2

System Information ..........................................................................................................

225

23.2.1 System Information ................................................................................................

225

23.2.2 Console Port Speed ...............................................................................................

226

23.3

Log and Trace ..................................................................................................................

226

23.3.1 Viewing Error Log ...................................................................................................

226

23.4

Diagnostic ........................................................................................................................

227

Chapter 24

 

Firmware and Configuration File Maintenance ..................................................................

229

24.1

Filename Conventions .....................................................................................................

229

24.2

Backup Configuration ......................................................................................................

230

24.2.1 Using the FTP command from the DOS Prompt ....................................................

230

24.2.2 Backup Configuration Using TFTP .........................................................................

231

24.2.3 Example: TFTP Command .....................................................................................

232

24.3

Restore Configuration .....................................................................................................

232

24.3.1 Using the FTP command from the DOS Prompt Example .....................................

232

24.3.2 TFTP File Upload ...................................................................................................

233

24.3.3 Example: TFTP Command .....................................................................................

234

Chapter 25

 

System Maintenance and Information ................................................................................

235

25.1

Command Interpreter Mode ............................................................................................

235

25.1.1 Command Syntax ...................................................................................................

236

25.1.2 Command Usage ...................................................................................................

236

25.1.3 Brute-Force Password Guessing Protection ..........................................................

236

 

25.1.3.1 Configuring Brute-Force Password Guessing Protection: Example ..

 

236

 

25.2

Time and Date Setting .....................................................................................................

237

25.2.1 Resetting the Time .................................................................................................

238

25.3 Remote Management Setup ............................................................................................

238

25.3.1 Telnet ......................................................................................................................

238

25.3.2 FTP ........................................................................................................................

239

25.3.3 Web ........................................................................................................................

239

25.3.4 Remote Management Setup ..................................................................................

239

25.3.5 Remote Management Limitations ..........................................................................

241

25.4

System Timeout ...............................................................................................................

241

Chapter 26

 

Troubleshooting....................................................................................................................

243

26.1

Power, Hardware Connections, and LEDs ......................................................................

243

18

ZyXEL NWA-3160 Series User’s Guide

 

 

Table of Contents

26.2

ZyXEL Device Access and Login ....................................................................................

244

26.3

Internet Access ................................................................................................................

246

26.4

Wireless Router/AP Troubleshooting ...............................................................................

247

Part IV: Appendices and Index ...........................................................

249

Appendix

A

Product Specifications.......................................................................................

251

Appendix

B Setting up Your Computer’s IP Address............................................................

257

Appendix

C Wireless LANs ..................................................................................................

269

Appendix

D Pop-up Windows, JavaScripts and Java Permissions......................................

283

Appendix

E IP Addresses and Subnetting ...........................................................................

289

Appendix

F

Text File Based Auto Configuration...................................................................

297

Appendix

G

Legal Information..............................................................................................

305

Appendix

H Customer Support.............................................................................................

309

Index.......................................................................................................................................

 

 

315

ZyXEL NWA-3160 Series User’s Guide

19

Table of Contents

20

ZyXEL NWA-3160 Series User’s Guide

List of Figures

List of Figures

Figure 1 Access Point Application ..........................................................................................................

34

Figure 2 Bridge Application ....................................................................................................................

35

Figure 3 Repeater Application ................................................................................................................

35

Figure 4 AP+Bridge Application .............................................................................................................

36

Figure 5 Multiple BSSs ...........................................................................................................................

37

Figure 6 LEDs .........................................................................................................................................

39

Figure 7 Change Password Screen ........................................................................................................

42

Figure 8 Replace Certificate Screen .......................................................................................................

42

Figure 9 The Status Screen of the Web Configurator .............................................................................

43

Figure 10 The Status Screen ..................................................................................................................

45

Figure 11 Configuring Wireless LAN ......................................................................................................

50

Figure 12 Tutorial: Example MBSSID Setup ..........................................................................................

52

Figure 13 Tutorial: Wireless LAN: Before ...............................................................................................

53

Figure 14 Tutorial: Wireless LAN: Change Mode ...................................................................................

53

Figure 15 Tutorial: WIRELESS > SSID ..................................................................................................

54

Figure 16 Tutorial: VoIP SSID Profile Edit ..............................................................................................

55

Figure 17 Tutorial: VoIP Security ............................................................................................................

56

Figure 18 Tutorial: VoIP Security Profile Edit ..........................................................................................

56

Figure 19 Tutorial: VoIP Security: Updated ............................................................................................

57

Figure 20 Tutorial: Activate VoIP Profile .................................................................................................

57

Figure 21 Tutorial: Guest Edit .................................................................................................................

58

Figure 22 Tutorial: Guest Security Profile Edit ........................................................................................

58

Figure 23 Tutorial: Guest Security: Updated ..........................................................................................

59

Figure 24 Tutorial: Layer 2 Isolation .......................................................................................................

59

Figure 25 Tutorial: Layer 2 Isolation Profile ............................................................................................

60

Figure 26 Tutorial: Activate Guest Profile ...............................................................................................

60

Figure 27 Tutorial: Wireless Network Example .......................................................................................

62

Figure 28 Tutorial: Friendly AP (Before Data Entry) ...............................................................................

63

Figure 29 Tutorial: Friendly AP (After Data Entry) .................................................................................

64

Figure 30 Tutorial: Configuration ............................................................................................................

64

Figure 31 Tutorial: Warning ....................................................................................................................

65

Figure 32 Tutorial: Save Friendly AP list ................................................................................................

65

Figure 33 Tutorial: Periodic Rogue AP Detection ..................................................................................

65

Figure 34 Tutorial: Log Settings ..............................................................................................................

66

Figure 35 Tutorial: Example Network .....................................................................................................

68

Figure 36 Tutorial: SSID Profile ..............................................................................................................

70

Figure 37 Tutorial: SSID Edit ..................................................................................................................

71

Figure 38 Tutorial: Layer-2 Isolation Edit ................................................................................................

71

ZyXEL NWA-3160 Series User’s Guide

21

List of Figures

 

Figure 39 Tutorial: MAC Filter Edit (SERVER_1) ...................................................................................

72

Figure 40 Tutorial: SSID Profiles Activated ............................................................................................

73

Figure 41 Tutorial: SSID Tab Correct Settings ........................................................................................

73

Figure 42 System > General ..................................................................................................................

77

Figure 43 SYSTEM > Password. ............................................................................................................

79

Figure 44 SYSTEM > Time Setting ........................................................................................................

80

Figure 45 Basic Service set ....................................................................................................................

83

Figure 46 Extended Service Set .............................................................................................................

84

Figure 47 DiffServ: Differentiated Service Field ......................................................................................

87

Figure 48 Wireless: Access Point ...........................................................................................................

91

Figure 49 Bridging Example ...................................................................................................................

93

Figure 50 Bridge Loop: Two Bridges Connected to Hub ........................................................................

93

Figure 51 Bridge Loop: Bridge Connected to Wired LAN .......................................................................

94

Figure 52 Wireless: Bridge/Repeater .....................................................................................................

94

Figure 53 Wireless: AP+Bridge ..............................................................................................................

97

Figure 54 EAP Authentication ..............................................................................................................

100

Figure 55 WPA(2)-PSK Authentication .................................................................................................

102

Figure 56 WPA(2) with RADIUS Application Example .........................................................................

103

Figure 57 Wireless > Security ...............................................................................................................

105

Figure 58 WIRELESS > Security: WEP ................................................................................................

106

Figure 59 Security: 802.1x Only ..........................................................................................................

107

Figure 60 Security: 802.1x Static 64-bit, 802.1x Static 128-bit ............................................................

108

Figure 61 Security: WPA .....................................................................................................................

109

Figure 62 Security:WPA2 or WPA2-MIX ................................................................................................

110

Figure 63 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX ............................................................

111

Figure 64 RADIUS .................................................................................................................................

112

Figure 65 Multiple BSS with VLAN Example .........................................................................................

116

Figure 66 Wireless: Multiple BSS ..........................................................................................................

116

Figure 67 SSID ......................................................................................................................................

119

Figure 68 Configuring SSID ..................................................................................................................

120

Figure 69 Layer-2 Isolation Application ................................................................................................

124

Figure 70 WIRELESS > Layer 2 Isolation ............................................................................................

125

Figure 71 WIRELESS > Layer-2 Isolation Configuration Screen .........................................................

126

Figure 72 Layer-2 Isolation Example Configuration .............................................................................

127

Figure 73 Layer-2 Isolation Example 1 .................................................................................................

127

Figure 74 Layer-2 Isolation Example 2 .................................................................................................

128

Figure 75 WIRELESS > MAC Filter ......................................................................................................

128

Figure 76 MAC Address Filter ..............................................................................................................

129

Figure 77 Roaming Example ................................................................................................................

131

Figure 78 Roaming ...............................................................................................................................

132

Figure 79 IP Setup ................................................................................................................................

134

Figure 80 Rogue AP: Example ............................................................................................................

136

Figure 81 “Honeypot” Attack .................................................................................................................

137

22

ZyXEL NWA-3160 Series User’s Guide

 

List of Figures

Figure 82 ROGUE AP > Configuration .................................................................................................

138

Figure 83 ROGUE AP > Friendly AP ....................................................................................................

139

Figure 84 ROGUE AP > Rogue AP ......................................................................................................

140

Figure 85 Telnet Configuration on a TCP/IP Network ...........................................................................

142

Figure 86 Remote Management: Telnet ...............................................................................................

142

Figure 87 Remote Management: FTP ..................................................................................................

143

Figure 88 Remote Management: WWW ...............................................................................................

144

Figure 89 SNMP Management Model ..................................................................................................

146

Figure 90 Remote Management: SNMP ..............................................................................................

148

Figure 91 Internal RADIUS Server Setting Screen ...............................................................................

152

Figure 92 Trusted AP Overview ............................................................................................................

154

Figure 93 Trusted AP Screen ...............................................................................................................

155

Figure 94 Trusted Users Screen ...........................................................................................................

156

Figure 95 Certificates on Your Computer .............................................................................................

158

Figure 96 Certificate Details ................................................................................................................

159

Figure 97 My Certificates ......................................................................................................................

160

Figure 98 My Certificate Import ............................................................................................................

162

Figure 99 My Certificate Create ............................................................................................................

163

Figure 100 My Certificate Details .........................................................................................................

166

Figure 101 Trusted CAs ........................................................................................................................

168

Figure 102 Trusted CA Import ..............................................................................................................

170

Figure 103 Trusted CA Details .............................................................................................................

171

Figure 104 View Log .............................................................................................................................

175

Figure 105 Log Settings .......................................................................................................................

176

Figure 106 WIRELESS VLAN ..............................................................................................................

183

Figure 107 RADIUS VLAN ...................................................................................................................

184

Figure 108 Management VLAN Configuration Example .......................................................................

186

Figure 109 VLAN-Aware Switch - Static VLAN .....................................................................................

186

Figure 110 VLAN-Aware Switch ...........................................................................................................

186

Figure 111 VLAN-Aware Switch - VLAN Status ....................................................................................

187

Figure 112 VLAN Setup ........................................................................................................................

187

Figure 113 New Global Security Group ...............................................................................................

189

Figure 114 Add Group Members .........................................................................................................

189

Figure 115 New Remote Access Policy for VLAN Group ....................................................................

190

Figure 116 Specifying Windows-Group Condition ................................................................................

190

Figure 117 Adding VLAN Group ..........................................................................................................

191

Figure 118 Granting Permissions and User Profile Screens ...............................................................

191

Figure 119 Authentication Tab Settings ................................................................................................

192

Figure 120 Encryption Tab Settings .....................................................................................................

192

Figure 121 Connection Attributes Screen ............................................................................................

193

Figure 122 RADIUS Attribute Screen ..................................................................................................

193

Figure 123 802 Attribute Setting for Tunnel-Medium-Type ..................................................................

194

Figure 124 VLAN ID Attribute Setting for Tunnel-Pvt-Group-ID ..........................................................

194

ZyXEL NWA-3160 Series User’s Guide

23

List of Figures

 

Figure 125 VLAN Attribute Setting for Tunnel-Type ............................................................................

195

Figure 126 Completed Advanced Tab ..................................................................................................

195

Figure 127 Second Rx VLAN ID Example ............................................................................................

196

Figure 128 Configuring SSID: Second Rx VLAN ID Example ..............................................................

197

Figure 129 System Status ....................................................................................................................

199

Figure 130 System Status: Show Statistics ..........................................................................................

200

Figure 131 Association List ..................................................................................................................

201

Figure 132 Channel Usage ...................................................................................................................

201

Figure 133 Firmware Upload ................................................................................................................

202

Figure 134 Firmware Upload In Process ..............................................................................................

203

Figure 135 Network Temporarily Disconnected ....................................................................................

203

Figure 136 Firmware Upload Error .......................................................................................................

204

Figure 137 Configuration ......................................................................................................................

204

Figure 138 Configuration Upload Successful .......................................................................................

205

Figure 139 Network Temporarily Disconnected ....................................................................................

205

Figure 140 Configuration Upload Error .................................................................................................

206

Figure 141 Reset Warning Message ....................................................................................................

206

Figure 142 Restart Screen ...................................................................................................................

206

Figure 143 Initial Screen .......................................................................................................................

210

Figure 144 Password Screen ...............................................................................................................

211

Figure 145 Login Screen .......................................................................................................................

211

Figure 146 Menu 23 System Password ................................................................................................

212

Figure 147 SMT Main Menu .................................................................................................................

213

Figure 148 Menu 1 General Setup .......................................................................................................

215

Figure 149 Menu 3 LAN Setup ............................................................................................................

217

Figure 150 Menu 3.2 TCP/IP Setup .....................................................................................................

217

Figure 151 Menu 22 SNMP Configuration ............................................................................................

219

Figure 152 Menu 23 System Password ................................................................................................

221

Figure 153 Menu 24 System Maintenance ...........................................................................................

223

Figure 154 Menu 24.1 System Maintenance: Status ............................................................................

224

Figure 155 Menu 24.2 System Information and Console Port Speed ..................................................

225

Figure 156 Menu 24.2.1 System Information: Information ...................................................................

225

Figure 157 Menu 24.2.2 System Maintenance: Change Console Port Speed .....................................

226

Figure 158 Menu 24.3 System Maintenance: Log and Trace ...............................................................

227

Figure 159 Sample Error and Information Messages ...........................................................................

227

Figure 160 Menu 24.4 System Maintenance: Diagnostic .....................................................................

227

Figure 161 FTP Session Example ........................................................................................................

231

Figure 162 FTP Session Example ........................................................................................................

233

Figure 163 Menu 24 System Maintenance ...........................................................................................

235

Figure 164 Valid CI Commands ............................................................................................................

236

Figure 165 Menu 24.10 System Maintenance: Time and Date Setting ................................................

237

Figure 166 Telnet Configuration on a TCP/IP Network .........................................................................

239

Figure 167 Menu 24.11 Remote Management Control ........................................................................

240

24

ZyXEL NWA-3160 Series User’s Guide

 

List of Figures

Figure 168 Wall-mounting Example ......................................................................................................

254

Figure 169 Masonry Plug and M4 Tap Screw .......................................................................................

254

Figure 170 WIndows 95/98/Me: Network: Configuration ......................................................................

258

Figure 171 Windows 95/98/Me: TCP/IP Properties: IP Address ..........................................................

259

Figure 172 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ..............................................

260

Figure 173 Windows XP: Start Menu ....................................................................................................

261

Figure 174 Windows XP: Control Panel ...............................................................................................

261

Figure 175 Windows XP: Control Panel: Network Connections: Properties .........................................

262

Figure 176 Windows XP: Local Area Connection Properties ...............................................................

262

Figure 177 Windows XP: Advanced TCP/IP Settings ..........................................................................

263

Figure 178 Windows XP: Internet Protocol (TCP/IP) Properties ..........................................................

264

Figure 179 Macintosh OS 8/9: Apple Menu ..........................................................................................

265

Figure 180 Macintosh OS 8/9: TCP/IP .................................................................................................

265

Figure 181 Macintosh OS X: Apple Menu ............................................................................................

266

Figure 182 Macintosh OS X: Network ..................................................................................................

267

Figure 183 Peer-to-Peer Communication in an Ad-hoc Network .........................................................

269

Figure 184 Basic Service Set ...............................................................................................................

270

Figure 185 Infrastructure WLAN ...........................................................................................................

271

Figure 186 RTS/CTS ............................................................................................................................

272

Figure 187 WPA(2) with RADIUS Application Example .......................................................................

279

Figure 188 WPA(2)-PSK Authentication ...............................................................................................

280

Figure 189 Pop-up Blocker ...................................................................................................................

283

Figure 190 Internet Options: Privacy ....................................................................................................

284

Figure 191 Internet Options: Privacy ....................................................................................................

285

Figure 192 Pop-up Blocker Settings .....................................................................................................

285

Figure 193 Internet Options: Security ...................................................................................................

286

Figure 194 Security Settings - Java Scripting .......................................................................................

287

Figure 195 Security Settings - Java ......................................................................................................

287

Figure 196 Java (Sun) ..........................................................................................................................

288

Figure 197 Network Number and Host ID ............................................................................................

290

Figure 198 Subnetting Example: Before Subnetting ............................................................................

292

Figure 199 Subnetting Example: After Subnetting ...............................................................................

293

Figure 200 Text File Based Auto Configuration ....................................................................................

297

Figure 201 Configuration File Format ...................................................................................................

299

Figure 202 WEP Configuration File Example .......................................................................................

300

Figure 203 802.1X Configuration File Example ....................................................................................

301

Figure 204 WPA-PSK Configuration File Example ...............................................................................

301

Figure 205 WPA Configuration File Example .......................................................................................

302

Figure 206 Wlan Configuration File Example .......................................................................................

303

ZyXEL NWA-3160 Series User’s Guide

25

List of Figures

26

ZyXEL NWA-3160 Series User’s Guide

List of Tables

List of Tables

Table 1 Models Covered ........................................................................................................................

33

Table 2 LEDs .........................................................................................................................................

39

Table 3 The Status Screen ....................................................................................................................

45

Table 4 Tutorial: Example Information ...................................................................................................

52

Table 5 Tutorial: Rogue AP Example Information ..................................................................................

62

Table 6 Tutorial: Friendly AP Information ...............................................................................................

63

Table 7 Tutorial: SSID Profile Security Settings .....................................................................................

69

Table 8 Tutorial: Example Network MAC Addresses .............................................................................

69

Table 9 Tutorial: Example User MAC Addresses ...................................................................................

69

Table 10 Tutorial: SERVER_2 Network Information ..............................................................................

72

Table 11 System > General ...................................................................................................................

77

Table 12 Password ................................................................................................................................

79

Table 13 SYSTEM > Time Setting .........................................................................................................

81

Table 14 Default Time Servers ..............................................................................................................

82

Table 15 WMM QoS Priorities ...............................................................................................................

85

Table 16 Typical Packet Sizes ...............................................................................................................

86

Table 17 Automatic Traffic Classifier Priorities ......................................................................................

86

Table 18 ATC + WMM Priority Assignment (LAN to WLAN) ..................................................................

87

Table 19 ATC + WMM Priority Assignment (WLAN to LAN) ..................................................................

87

Table 20 ToS and IEEE 802.1d to WMM QoS Priority Level Mapping ..................................................

88

Table 21 STP Path Costs ......................................................................................................................

89

Table 22 STP Port States ......................................................................................................................

90

Table 23 Wireless: Access Point ...........................................................................................................

91

Table 24 Wireless: Bridge/Repeater ......................................................................................................

95

Table 25 Security Modes .....................................................................................................................

103

Table 26 Wireless Security Levels .......................................................................................................

104

Table 27 WIRELESS > Security ..........................................................................................................

105

Table 28 Security: WEP .......................................................................................................................

106

Table 29 Security: 802.1x Only ............................................................................................................

107

Table 30 Security: 802.1x Static 64-bit, 802.1x Static 128-bit ..............................................................

108

Table 31 Security: WPA .......................................................................................................................

109

Table 32 Security: WPA2 or WPA2-MIX ...............................................................................................

110

Table 33 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX ............................................................

111

Table 34 RADIUS .................................................................................................................................

112

Table 35 Wireless: Multiple BSS ...........................................................................................................

117

Table 36 SSID .......................................................................................................................................

119

Table 37 Configuring SSID ..................................................................................................................

120

Table 38 WIRELESS > Layer-2 Isolation .............................................................................................

125

ZyXEL NWA-3160 Series User’s Guide

27

List of Tables

 

Table 39 WIRELESS > Layer-2 Isolation Configuration ......................................................................

126

Table 40 WIRELESS > MAC Filter ......................................................................................................

129

Table 41 MAC Address Filter ...............................................................................................................

130

Table 42 Private IP Address Ranges ...................................................................................................

133

Table 43 IP Setup ................................................................................................................................

134

Table 44 ROGUE AP > Configuration ..................................................................................................

138

Table 45 ROGUE AP > Friendly AP ....................................................................................................

139

Table 46 ROGUE AP > Rogue AP .......................................................................................................

140

Table 47 Remote Management Overview ...........................................................................................

141

Table 48 Remote Management: Telnet ................................................................................................

142

Table 49 Remote Management: FTP ...................................................................................................

143

Table 50 Remote Management: WWW ...............................................................................................

144

Table 51 SNMP Traps ..........................................................................................................................

147

Table 52 SNMP Interface Index to Physical and Virtual Port Mapping ................................................

147

Table 53 Remote Management: SNMP ...............................................................................................

148

Table 54 Internal RADIUS Server Setting Screen Setting ...................................................................

152

Table 55 Trusted AP ............................................................................................................................

155

Table 56 Trusted Users ........................................................................................................................

156

Table 57 My Certificates ......................................................................................................................

160

Table 58 My Certificate Import .............................................................................................................

162

Table 59 My Certificate Create ............................................................................................................

163

Table 60 My Certificate Details ............................................................................................................

166

Table 61 Trusted CAs ..........................................................................................................................

169

Table 62 Trusted CA Import .................................................................................................................

170

Table 63 Trusted CA Details ................................................................................................................

171

Table 64 View Log ...............................................................................................................................

175

Table 65 Log Settings ..........................................................................................................................

177

Table 66 System Maintenance Logs ....................................................................................................

178

Table 67 ICMP Notes ...........................................................................................................................

178

Table 68 Sys log ..................................................................................................................................

179

Table 69 Log Categories and Available Settings .................................................................................

179

Table 70 WIRELESS VLAN .................................................................................................................

183

Table 71 RADIUS VLAN ......................................................................................................................

185

Table 72 Standard RADIUS Attributes .................................................................................................

188

Table 73 System Status .......................................................................................................................

199

Table 74 System Status: Show Statistics .............................................................................................

200

Table 75 Association List .....................................................................................................................

201

Table 76 Channel Usage .....................................................................................................................

202

Table 77 Firmware Upload ...................................................................................................................

202

Table 78 Restore Configuration ...........................................................................................................

205

Table 79 SMT Menus Overview ...........................................................................................................

212

Table 80 Main Menu Commands .........................................................................................................

213

Table 81 Main Menu Summary ............................................................................................................

214

28

ZyXEL NWA-3160 Series User’s Guide

 

List of Tables

Table 82 Menu 1 General Setup ..........................................................................................................

215

Table 83 Menu 3.2 TCP/IP Setup ........................................................................................................

218

Table 84 Menu 22 SNMP Configuration ..............................................................................................

219

Table 85 Menu 24.1 System Maintenance: Status ..............................................................................

224

Table 86 Menu 24.2.1 System Maintenance: Information ...................................................................

225

Table 87 Menu 24.4 System Maintenance Menu: Diagnostic ..............................................................

228

Table 88 Filename Conventions ..........................................................................................................

230

Table 89 General Commands for Third Party FTP Clients ..................................................................

231

Table 90 General Commands for Third Party TFTP Clients ................................................................

232

Table 91 Brute-Force Password Guessing Protection Commands .....................................................

236

Table 92 System Maintenance: Time and Date Setting .......................................................................

237

Table 93 Menu 24.11 Remote Management Control ...........................................................................

240

Table 94 Hardware Specifications .......................................................................................................

251

Table 95 Firmware Specifications ........................................................................................................

252

Table 96 North American Plug Standards ............................................................................................

255

Table 97 European Plug Standards .....................................................................................................

255

Table 98 United Kingdom Plug Standards ...........................................................................................

255

Table 99 Australia and New Zealand Plug Standards .........................................................................

255

Table 100 Power over Ethernet Injector Specifications ......................................................................

255

Table 101 Power over Ethernet Injector RJ-45 Port Pin Assignments ................................................

256

Table 102 IEEE 802.11g ......................................................................................................................

273

Table 103 Wireless Security Levels .....................................................................................................

274

Table 104 Comparison of EAP Authentication Types ..........................................................................

277

Table 105 Wireless Security Relational Matrix ....................................................................................

280

Table 106 Subnet Masks .....................................................................................................................

290

Table 107 Subnet Masks .....................................................................................................................

291

Table 108 Maximum Host Numbers ....................................................................................................

291

Table 109 Alternative Subnet Mask Notation .......................................................................................

291

Table 110 Subnet 1 ..............................................................................................................................

293

Table 111 Subnet 2 ..............................................................................................................................

294

Table 112 Subnet 3 ..............................................................................................................................

294

Table 113 Subnet 4 ..............................................................................................................................

294

Table 114 Eight Subnets ......................................................................................................................

294

Table 115 24-bit Network Number Subnet Planning ............................................................................

295

Table 116 16-bit Network Number Subnet Planning ............................................................................

295

Table 117 Auto Configuration by DHCP ..............................................................................................

298

Table 118 Manual Configuration ..........................................................................................................

298

Table 119 Configuration via SNMP ......................................................................................................

298

Table 120 Displaying the File Version ..................................................................................................

299

Table 121 Displaying the File Version ..................................................................................................

299

Table 122 Displaying the Auto Configuration Status ............................................................................

300

ZyXEL NWA-3160 Series User’s Guide

29

List of Tables

30

ZyXEL NWA-3160 Series User’s Guide

PART I

Introduction

Introducing the ZyXEL Device (33)

Introducing the Web Configurator (41)

Status Screens (45)

Tutorial (49)

31

32

1

Introducing the ZyXEL Device

This chapter introduces the main applications and features of the ZyXEL Device. It also introduces the ways you can manage the ZyXEL Device.

1.1 Introducing the ZyXEL Device

Your ZyXEL Device extends the range of your existing wired network without additional wiring, providing easy network access to mobile users.

It is highly versatile, supporting up to eight BSSIDs simultaneously. The Quality of Service (QoS) features allow you to prioritize time-sensitive or highly important applications such as VoIP.

Multiple security profiles allow you to easily assign different types of security to groups of users. The ZyXEL Device controls network access with MAC address filtering, rogue AP detection, layer 2 isolation and an internal authentication server. It also provides a high level of network traffic security, supporting IEEE 802.1x, Wi-Fi Protected Access (WPA), WPA2 and WEP data encryption.

Your ZyXEL Device is easy to install, configure and use. The embedded Web-based configurator enables simple, straightforward management and maintenance.

See the Quick Start Guide for instructions on how to make hardware connections. At the time of writing, this User’s Guide covers the following models.

Table 1 Models Covered

NWA-3160: IEEE 802.11a/b/g Business WLAN Access Point

NWA-3163: IEEE 802.11b/g Business WLAN Access Point

1.2 Applications for the ZyXEL Device

The ZyXEL Device can be configured to use the following WLAN operating modes

1AP

2Bridge/Repeater

3AP+Bridge

4MBSSID

Applications for each operating mode are shown below.

ZyXEL NWA-3160 Series User’s Guide

33

Chapter 1 Introducing the ZyXEL Device

"A different channel should be configured for each WLAN interface to reduce the effects of radio interference.

1.2.1Access Point

The ZyXEL Device is an ideal access solution for wireless Internet connection. A typical Internet access application for your ZyXEL Device is shown as follows. Stations A, B and C can access the wired network through the ZyXEL Devices.

Figure 1 Access Point Application

1.2.2 Bridge / Repeater

The ZyXEL Device can act as a wireless network bridge and establish wireless links with other APs. In the figure below, the two ZyXEL Devices (A and B) are connected to independent wired networks and have a bridge connection (A can communicate with B) at the same time. A ZyXEL Device in repeater mode (C) has no Ethernet connection. When the ZyXEL Device is in bridge mode, you should enable STP to prevent bridge loops.

When the ZyXEL Device is in Bridge / Repeater mode, security between APs (the Wireless Distribution System or WDS) is independent of the security between the wireless stations and the AP. If you do not enable WDS security, traffic between APs is not encrypted. When WDS security is enabled, both APs must use the same pre-shared key. See Section 6.7.2 on page 92 for more details.

Once the security settings of peer sides match one another, the connection between devices is made.

At the time of writing, WDS security is compatible with other ZyXEL access points only. Refer to your other access point’s documentation for details.

34

ZyXEL NWA-3160 Series User’s Guide

Chapter 1 Introducing the ZyXEL Device

Figure 2 Bridge Application

Figure 3 Repeater Application

1.2.3 AP + Bridge

In AP+Bridge mode, the ZyXEL Device supports both AP and bridge connection at the same time.

ZyXEL NWA-3160 Series User’s Guide

35

Chapter 1 Introducing the ZyXEL Device

In the figure below, A and B use X as an AP to access the wired network, while X and Y communicate in bridge mode.

When the ZyXEL Device is in AP + Bridge mode, security between APs (the Wireless Distribution System or WDS) is independent of the security between the wireless stations and the AP. If you do not enable WDS security, traffic between APs is not encrypted. When WDS security is enabled, both APs must use the same pre-shared key. See Section 6.7.3 on page 96 for more details.

Unless specified, the term “security settings” refers to the traffic between the wireless stations and the ZyXEL Device.

Figure 4 AP+Bridge Application

1.2.4 MBSSID

36

A BSS (Basic Service Set) is the set of devices forming a single wireless network (usually an access point and one or more wireless clients). An SSID (Service Set IDentifier) is the name of a BSS. In MBSSID (Multiple BSS) mode, the ZyXEL Device provides multiple virtual APs, each forming its own BSS and using its own individual SSID profile.

You can configure up to sixteen SSID profiles, and have up to eight active at any one time.

You can assign different wireless and security settings to each SSID profile. This allows you to compartmentalize groups of users, set varying access privileges, and prioritize network traffic to and from certain BSSs.

To the wireless clients in the network, each SSID appears to be a different access point. As in any wireless network, clients can associate only with the SSIDs for which they have the correct security settings.

ZyXEL NWA-3160 Series User’s Guide

Chapter 1 Introducing the ZyXEL Device

For example, you might want to set up a wireless network in your office where Internet telephony (Voice over IP, or VoIP) users have priority. You also want a regular wireless network for standard users, as well as a ‘guest’ wireless network for visitors. In the following figure, VoIP_SSID users have Quality of Service (QoS) priority, SSID03 is the wireless network for standard users, and Guest_SSID is the wireless network for guest users. In this example, the guest user is forbidden access to the wired LAN behind the AP and can access only the Internet.

Figure 5 Multiple BSSs

1.2.5 Pre-Configured SSID Profiles

The ZyXEL Device has two pre-configured SSID profiles.

1VoIP_SSID. This profile is intended for use by wireless clients requiring the highest QoS (Quality of Service) level for VoIP (Voice over IP) telephony and other applications requiring low latency. The QoS level of this profile is not user-configurable. See Chapter 6 on page 83 for more information on QoS.

2Guest_SSID. This profile is intended for use by visitors and others who require access to certain resources on the network (an Internet gateway or a network printer, for example) but must not have access to the rest of the network. Layer 2 isolation is enabled (see Section 9.1 on page 123), and QoS is set to NONE. Intra-BSS traffic blocking is also enabled (see Section 6.1.1 on page 83). These fields are all user-configurable.

ZyXEL NWA-3160 Series User’s Guide

37

Chapter 1 Introducing the ZyXEL Device

1.3 Ways to Manage the ZyXEL Device

Use any of the following methods to manage the ZyXEL Device.

Web Configurator. This is recommended for everyday management of the ZyXEL Device using a (supported) web browser.

Command Line Interface. Line commands are mostly used for troubleshooting by service engineers.

SMT. System Management Terminal is a text-based configuration menu that you can use to configure your device. Use Telnet to access the SMT.

FTP for firmware upgrades and configuration backup and restore.

SNMP. The device can be monitored by an SNMP manager. See the SNMP chapter in this User’s Guide.

1.4Good Habits for Managing the ZyXEL Device

Do the following things regularly to make the ZyXEL Device more secure and to manage it more effectively.

Change the password often. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters.

Write down the password and put it in a safe place.

Back up the configuration (and make sure you know how to restore it). Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes. If you forget your password, you will have to reset the ZyXEL Device to its factory default settings. If you backed up an earlier configuration file, you won’t have to totally re-configure the ZyXEL Device; you can simply restore your last configuration.

1.5Hardware Connections

See your Quick Start Guide for information on making hardware connections.

38

ZyXEL NWA-3160 Series User’s Guide

Chapter 1 Introducing the ZyXEL Device

1.6 LEDs

Figure 6 LEDs

Table 2

LEDs

 

 

 

 

 

 

LABEL

 

COLOR

STATUS

DESCRIPTION

WDS

 

Green

On

The ZyXEL Device is in AP+Bridge or Bridge/Repeater

 

 

 

 

mode, and has successfully established a Wireless

 

 

 

 

Distribution System (WDS) connection.

 

 

 

 

 

 

 

 

 

 

 

 

Off

Either

 

 

 

 

• The ZyXEL Device is in Access Point or MBSSID

 

 

 

 

mode and is functioning normally.

 

 

 

 

or

 

 

 

 

• The ZyXEL Device is in AP+Bridge or Bridge/

 

 

 

 

Repeater mode and has not established a Wireless

 

 

 

 

Distribution System (WDS) connection.

 

 

 

 

 

 

 

 

 

WLAN

 

Green

On

The wireless LAN is active.

 

 

 

 

 

 

 

 

 

 

 

 

Blinking

The wireless LAN is active, and transmitting or receiving

 

 

 

 

data.

 

 

 

 

 

 

 

 

 

 

 

Off

 

The wireless LAN is not active.

 

 

 

 

 

 

 

 

 

ZyXEL NWA-3160 Series User’s Guide

39

Chapter 1 Introducing the ZyXEL Device

Table 2 LEDs (continued)

LABEL

COLOR

STATUS

DESCRIPTION

ETHERNET

Green

On

The ZyXEL Device has a 10 Mbps Ethernet connection.

 

 

 

 

 

 

Blinking

The ZyXEL Device has a 10 Mbps Ethernet connection

 

 

 

and is sending or receiving data.

 

 

 

 

 

Yellow

On

The ZyXEL Device has a 100 Mbps Ethernet

 

 

 

connection.

 

 

 

 

 

 

Blinking

The ZyXEL Device has a 100 Mbps Ethernet connection

 

 

 

and is sending/receiving data.

 

 

 

 

 

 

Off

The ZyXEL Device does not have an Ethernet

 

 

 

connection.

 

 

 

 

POWER/SYS

Green

On

The ZyXEL Device is receiving power and functioning

 

 

 

properly.

 

 

 

 

 

 

Off

The ZyXEL Device is not receiving power.

 

 

 

 

 

Red

Blinking

Either

 

 

 

• If the LED blinks during the boot up process, the

 

 

 

system is starting up.

 

 

 

or

 

 

 

• If the LED blinks after the boot up process, the

 

 

 

system has failed.

 

 

 

 

 

 

Off

The ZyXEL Device successfully boots up.

 

 

 

 

40

ZyXEL NWA-3160 Series User’s Guide

2

Introducing the Web

Configurator

This chapter describes how to access the ZyXEL Device’s web configurator and provides an overview of its screens.

2.1Accessing the Web Configurator

1Make sure your hardware is properly connected and prepare your computer or computer network to connect to the ZyXEL Device (refer to the Quick Start Guide).

2Launch your web browser.

3Type "192.168.1.2" as the URL (default).

4Type "1234" (default) as the password and click Login. In some versions, the default password appears automatically - if this is the case, click Login.

5You should see a screen asking you to change your password (highly recommended) as shown next. Type a new password (and retype it to confirm) then click Apply. Alternatively, click Ignore.

"If you do not change the password, the following screen appears every time you login.

ZyXEL NWA-3160 Series User’s Guide

41

Chapter 2 Introducing the Web Configurator

Figure 7 Change Password Screen

6Click Apply in the Replace Certificate screen to create a certificate using your ZyXEL Device’s MAC address that will be specific to this device.

Figure 8 Replace Certificate Screen

You should now see the Status screen. See Chapter 2 on page 41 for details about the Status screen.

"The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires (default five minutes). Simply log back into the ZyXEL Device if this happens.

2.2Resetting the ZyXEL Device

If you forget your password or cannot access the web configurator, you will need to use the RESET button. This replaces the current configuration file with the factory-default configuration file. This means that you will lose all the settings you previously configured. The password will be reset to 1234.

42

ZyXEL NWA-3160 Series User’s Guide

Chapter 2 Introducing the Web Configurator

2.2.1 Methods of Restoring Factory-Defaults

You can erase the current configuration and restore factory defaults in three ways:

Use the RESET button to upload the default configuration file. Hold this button in for about 10 seconds (the lights will begin to blink). Use this method for cases when the password or IP address of the ZyXEL Device is not known.

Use the web configurator to restore defaults (refer to Chapter 17 on page 199).

Transfer the configuration file to your ZyXEL Device using FTP. See the section on SMT configuration for more information.

2.3 Navigating the Web Configurator

The following summarizes how to navigate the web configurator from the Status screen. Click LOGOUT at any time to exit the web configurator.

Check the status bar at the bottom of the screen when you click Apply or OK to verify that the configuration has been updated.

Figure 9 The Status Screen of the Web Configurator

Click the links on the left of the screen to configure advanced features such as SYSTEM (General Setup, Password and Time Zone), WIRELESS (Wireless, SSID, Security, RADIUS, Layer-2 Isolation, MAC Filter), IP, ROGUE AP (Configuration, Friendly AP, Rogue AP), REMOTE MGNT (Telnet, FTP, WWW and SNMP), AUTH. SERVER (Setting, Trusted AP, Trusted Users), CERTIFICATES (My Certificates, Trusted CAs), LOGS (View Logs and Log Settings) and VLAN (Wireless VLAN and RADIUS VLAN).

ZyXEL NWA-3160 Series User’s Guide

43

Chapter 2 Introducing the Web Configurator

Click MAINTENANCE to view information about your ZyXEL Device or upgrade configuration and firmware files. Maintenance features include Status (Statistics),

Association List, Channel Usage, F/W (firmware) Upload, Configuration (Backup, Restore and Default) and Restart.

44

ZyXEL NWA-3160 Series User’s Guide

3

Status Screens

The Status screen displays when you log into the ZyXEL Device, or click STATUS in the navigation menu.

Use the Status screens to look at the current status of the device, system resources, interfaces and SSID status. The Status screen also provides detailed information about associated wireless clients, channel usage, logs and detected rogue APs.

3.1 The Status Screen

Cluck Status. The following screen displays.

Figure 10 The Status Screen

The following table describes the labels in this screen.

Table 3 The Status Screen

LABEL

DESCRIPTION

Automatic Refresh

Enter how often you want the ZyXEL Device to update this screen.

Interval

 

 

 

Refresh

Click this to update this screen immediately.

 

 

System Information

 

 

 

System Name

This field displays the ZyXEL Device system name. It is used for

 

identification. You can change this in the System > General screen’s

 

System Name field.

ZyXEL NWA-3160 Series User’s Guide

45

Chapter 3 Status Screens

Table 3 The Status Screen

LABEL

DESCRIPTION

Model

This field displays the ZyXEL Device’s exact model name.

 

 

Firmware Version

This field displays the current version of the firmware inside the device. It

 

also shows the date the firmware version was created. You can change the

 

firmware version by uploading new firmware in Maintenance > F/W

 

Upload.

 

 

System Up Time

This field displays the elapsed time since the ZyXEL Device was turned on.

 

 

Current Date Time

This field displays the date and time configured on the ZyXEL Device. You

 

can change this in the System > Time Setting screen.

 

 

WLAN Operating

This field displays the current operating mode of the first wireless module

Mode

(AP, Bridge / Repeater, AP + Bridge or MBSSID). You can change the

 

operating mode in the Wireless > Wireless screen.

 

 

Management VLAN

This field displays the management VLAN ID if VLAN is active, or

 

Disabled if it is not active. You can enable or disable VLAN, or change the

 

management VLAN ID, in the VLAN > Wireless VLAN screen.

 

 

IP

This field displays the current IP address of the ZyXEL Device on the

 

network.

 

 

LAN MAC

This displays the MAC (Media Access Control) address of the ZyXEL

 

Device on the LAN. Every network device has a unique MAC address

 

which identifies it across the network.

 

 

WLAN MAC

This displays the MAC address of the wireless module.

 

 

System Resources

 

 

 

Flash

This field displays the amount of the ZyXEL Device’s flash memory

 

currently in use. The flash memory is used to store firmware and SSID

 

profiles.

 

 

Memory

This field displays what percentage of the ZyXEL Device’s volatile memory

 

is currently in use. The higher the memory usage, the more likely the

 

ZyXEL Device is to slow down. Some memory is required just to start the

 

ZyXEL Device and to run the web configurator.

 

 

CPU

This field displays what percentage of the ZyXEL Device’s processing

 

ability is currently being used. The higher the CPU usage, the more likely

 

the ZyXEL Device is to slow down.

 

 

WLAN Associations

This field displays the number of wireless clients currently associated with

 

the wireless module. Each wireless module supports up to 128 concurrent

 

associations.

 

 

Interface Status

 

 

 

Interface

This column displays each interface of the ZyXEL Device.

 

 

Status

This field indicates whether or not the ZyXEL Device is using the interface.

 

For each interface, this field displays Up when the ZyXEL Device is using

 

the interface and Down when the ZyXEL Device is not using the interface.

 

 

Rate

For the LAN port this displays the port speed and duplex setting.

 

For the WLAN interface, it displays the downstream and upstream

 

transmission rate or N/A if the interface is not in use.

 

 

SSID Status

 

 

 

SSID

This field displays the SSID(s) currently used by the wireless module.

 

 

BSSID

This field displays the MAC address of the wireless adaptor.

 

 

Security

This field displays the type of wireless security used by each SSID.

 

 

46

ZyXEL NWA-3160 Series User’s Guide

 

 

Chapter 3 Status Screens

 

Table 3 The Status Screen

 

LABEL

DESCRIPTION

 

 

VLAN

This field displays the VLAN ID of each SSID in use, or Disabled if the

 

 

 

SSID does not use VLAN.

 

 

 

 

 

 

System Status

 

 

 

 

 

 

 

Show Statistics

Click this link to view port status and packet specific statistics. See Section

 

 

 

17.2.1 on page 200.

 

 

 

 

 

 

Association List

Click this to see a list of wireless clients currently associated to each of the

 

 

 

ZyXEL Device’s wireless modules. See Section 17.3 on page 200.

 

 

 

 

 

 

Channel Usage

Click this to see which wireless channels are currently in use in the local

 

 

 

area. See Section 17.4 on page 201.

 

 

 

 

 

 

Logs

Click this to see a list of logs produced by the ZyXEL Device. See Section

 

 

 

15.1 on page 175.

 

 

 

 

 

 

Rogue AP List

Click this to see a list of unauthorized access points in the local area. See

 

 

 

Section 11.3.3 on page 139.

 

 

 

 

 

ZyXEL NWA-3160 Series User’s Guide

47

Chapter 3 Status Screens

48

ZyXEL NWA-3160 Series User’s Guide

4

Tutorial

This chapter first provides an overview of how to configure the wireless LAN on your ZyXEL Device, and then gives step-by-step guidelines showing how to configure your ZyXEL Device for some example scenarios.

4.1 How to Configure the Wireless LAN

This section shows how to choose which wireless operating mode you should use on the ZyXEL Device, and the steps you should take to set up the wireless LAN in each wireless mode. See Section 4.1.3 on page 51 for links to more information on each step.

4.1.1Choosing the Wireless Mode

Use Access Point operating mode if you want to allow wireless clients to access your wired network, all using the same security and Quality of Service (QoS) settings. See Section 1.2.1 on page 34 for details.

Use Bridge/Repeater operating mode if you want to use the ZyXEL Device to communicate with other access points. See Section 1.2.2 on page 34 for details.

The ZyXEL Device is a bridge when other APs access your wired Ethernet network through the ZyXEL Device.

The ZyXEL Device is a repeater when it has no Ethernet connection and allows other APs to communicate with one another through the ZyXEL Device.

Use AP+Bridge operating mode if you want to use the ZyXEL Device as an access point (see above) while also communicating with other access points. See Section 1.2.3 on page 35 for details.

Use MBSSID operating mode if you want to use the ZyXEL Device as an access point with some groups of users having different security or QoS settings from other groups of users. See Section 1.2.4 on page 36 for details.

4.1.2Wireless LAN Configuration Overview

The following figure shows the steps you should take to configure the wireless settings according to the operating mode you select. Use the Web Configurator to set up your ZyXEL Device’s wireless network (see your Quick Start Guide for information on setting up your ZyXEL Device and accessing the Web Configurator).

ZyXEL NWA-3160 Series User’s Guide

49

Chapter 4 Tutorial

Figure 11 Configuring Wireless LAN

Select Operating Mode

.

Access Point

Mode.

Select 802.11

Mode and

Channel ID.

Select SSID

Profile.

Configure SSID Profile.

Edit Security Profile.

Configure RADIUS authentication (optional).

Configure internal AUTH. SERVER (optional).

Configure Layer 2

Isolation (optional).

Configure MAC Filter (optional).

Bridge /

Repeater Mode.

Select 802.11

Mode and

Channel ID.

Configure

WDS Security.

 

 

 

AP + Bridge

 

 

 

 

MBSSID

 

 

 

 

 

Mode.

 

 

 

 

Mode.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Select 802.11 Mode

 

 

 

Select 802.11

 

 

and Channel ID.

 

 

 

Mode and

 

 

 

 

 

 

 

 

 

 

Channel ID.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Configure WDS Security.

 

Select SSID

 

 

 

 

 

 

 

 

 

Profiles.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Select SSID Profile.

 

 

 

 

 

Configure each

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

SSID Profile.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Configure

SSID Profile. Configure each

Security Profile.

 

 

 

Edit Security Profile.

 

 

 

 

 

 

 

 

Configure RADIUS

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

authentication

 

 

 

 

 

 

 

 

 

(optional).

 

 

Configure RADIUS

 

 

 

 

 

 

 

 

 

 

 

 

authentication (optional).

 

 

 

 

 

 

Configure internal

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

AUTH. SERVER

 

 

 

 

 

 

 

(optional).

 

 

 

Configure internal AUTH.

 

 

 

 

SERVER (optional).

 

 

 

 

 

 

 

 

 

 

 

 

 

Configure Layer 2

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Isolation (optional).

 

 

 

Configure Layer 2

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Isolation (optional).

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Configure MAC Filter

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(optional).

 

 

 

Configure MAC Filter

 

 

 

 

 

 

 

 

 

 

 

 

 

(optional).

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Check your settings and test.

50

ZyXEL NWA-3160 Series User’s Guide

+ 270 hidden pages