ZyXEL NWA-3500 User manual

www.zyxel.com

NWA-3500

802.11a/b/g Wireless Access Point

User’s Guide

Version 3.60

3/2007

Edition 1

About This User's Guide

ZyXEL NWA-3500 User’s Guide

3

About This User's Guide

Intended Audience

This manual is intended for people who want to configure the ZyXEL Device using the web

configurator. You should have at least a basic knowledge of TCP/IP networking concepts and

topology.

Related Documentation

• Quick Start Guide

The Quick Start Guide is designed to help you get up and running right away. It contains

information on setting up your network and configuring for Internet access.

• Supporting Disk

Refer to the included CD for support documents.

• ZyXEL Web Site

Please refer to www.zyxel.com

for additional support documentation and product

certifications.

User Guide Feedback

Help us help you. Send all User Guide-related comments, questions or suggestions for

improvement to the following address, or use e-mail instead. Thank you!

The Technical Writing Team,

ZyXEL Communications Corp.,

6 Innovation Road II,

Science-Based Industrial Park,

Hsinchu, 300, Taiwan.

E-mail: [email protected]

Document Conventions

ZyXEL NWA-3500 User’s Guide

4

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this User’s Guide.

1 Warnings tell you about things that could harm you or your device.

" Notes tell you other important information (for example, other things you may

need to configure or helpful tips) or recommendations.

Syntax Conventions

• The NWA-3500 may be referred to as the “ZyXEL Device”, the “device” or the “system”

in this User’s Guide.

• Product labels, screen names, field labels and field choices are all in bold font.

• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER]

means the “enter” or “return” key on your keyboard.

• “Enter” means for you to type one or more characters and then press the [ENTER] key.

“Select” or “choose” means for you to use one of the predefined choices.

• A right angle bracket ( > ) within a screen name denotes a mouse click. For example,

Maintenance > Log > Log Setting means you first click Maintenance in the navigation

panel, then the Log sub menu and finally the Log Setting tab to get to that screen.

• Units of measurement may denote the “metric” value or the “scientific” value. For

example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000”

or “1048576” and so on.

• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.

Document Conventions

ZyXEL NWA-3500 User’s Guide

5

Icons Used in Figures

Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is

not an exact representation of your device.

ZyXEL Device Computer Notebook computer

Server DSLAM Firewall

Telephone Switch Router

Safety Warnings

ZyXEL NWA-3500 User’s Guide

6

Safety Warnings

1 For your safety, be sure to read and follow all warning notices and instructions.

• Do NOT use this product near water, for example, in a wet basement or near a swimming

pool.

• Do NOT expose your device to dampness, dust or corrosive liquids.

• Do NOT store things on the device.

• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk

of electric shock from lightning.

• Connect ONLY suitable accessories to the device.

• ONLY qualified service personnel should service or disassemble this device.

• Make sure to connect the cables to the correct ports.

• Place connecting cables carefully so that no one will step on them or stumble over them.

• Always disconnect all cables from this device before servicing or disassembling.

• Use ONLY an appropriate power adaptor or cord for your device.

• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in

North America or 230V AC in Europe).

• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the

product where anyone can walk on the power adaptor or cord.

• Do NOT use the device if the power adaptor or cord is damaged as it might cause

electrocution.

• If the power adaptor or cord is damaged, remove it from the power outlet.

• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a

new one.

• Do not use the device outside, and make sure all the connections are indoors. There is a

remote risk of electric shock from lightning.

• Antenna Warning! This device meets ETSI and FCC certification requirements when

using the included antenna(s). Only use the included antenna(s).

• If you wall mount your device, make sure that no electrical lines, gas or water pipes will

be damaged.

• The PoE (Power over Ethernet) devices that supply or receive power and their connected

Ethernet cables must all be completely indoors.

This product is recyclable. Dispose of it properly.

Safety Warnings

ZyXEL NWA-3500 User’s Guide

7

Safety Warnings

ZyXEL NWA-3500 User’s Guide

8

Contents Overview

ZyXEL NWA-3500 User’s Guide

9

Contents Overview

Introduction ............................................................................................................................ 31

Introducing the ZyXEL Device ...................................................................................................33

Introducing the Web Configurator .............................................................................................. 43

Status Screens .......................................................................................................................... 47

Tutorial ....................................................................................................................................... 51

The Web Configurator ...........................................................................................................79

System Screens ........................................................................................................................ 81

Wireless Configuration .............................................................................................................. 87

Wireless Security Configuration .............................................................................................. 103

MBSSID and SSID ...................................................................................................................119

Other Wireless Configuration .................................................................................................. 127

IP Screen ................................................................................................................................. 137

Rogue AP ................................................................................................................................ 141

Remote Management Screens ................................................................................................ 147

Internal RADIUS Server .......................................................................................................... 157

Certificates ............................................................................................................................... 163

Log Screens ............................................................................................................................ 181

VLAN ....................................................................................................................................... 187

Maintenance ............................................................................................................................ 205

SMT and Troubleshooting ................................................................................................... 215

Introducing the SMT ................................................................................................................ 217

General Setup ......................................................................................................................... 223

LAN Setup ............................................................................................................................... 225

SNMP Configuration ................................................................................................................ 227

System Password .................................................................................................................... 229

System Information and Diagnosis .......................................................................................... 231

Firmware and Configuration File Maintenance ........................................................................ 237

System Maintenance and Information ..................................................................................... 243

Troubleshooting ....................................................................................................................... 251

Appendices and Index .........................................................................................................255

Contents Overview

ZyXEL NWA-3500 User’s Guide

10

Table of Contents

ZyXEL NWA-3500 User’s Guide

11

Table of Contents

About This User's Guide .......................................................................................................... 3

Document Conventions............................................................................................................4

Safety Warnings........................................................................................................................ 6

Contents Overview ................................................................................................................... 9

Table of Contents.................................................................................................................... 11

List of Figures ......................................................................................................................... 21

List of Tables........................................................................................................................... 27

Part I: Introduction................................................................................. 31

Chapter 1

Introducing the ZyXEL Device............................................................................................... 33

1.1 Introducing the ZyXEL Device ............................................................................................ 33

1.2 Applications for the ZyXEL Device ...................................................................................... 33

1.2.1 Access Point .............................................................................................................. 34

1.2.2 Bridge / Repeater ....................................................................................................... 34

1.2.3 AP + Bridge ................................................................................................................ 35

1.2.4 MBSSID ..................................................................................................................... 36

1.2.5 Pre-Configured SSID Profiles .................................................................................... 37

1.2.6 Configuring Dual WLAN Adaptors .............................................................................. 38

1.3 Ways to Manage the ZyXEL Device .................................................................................... 38

1.4 Good Habits for Managing the ZyXEL Device ..................................................................... 39

1.5 Hardware Connections ........................................................................................................ 39

1.6 LEDs .................................................................................................................................... 40

Chapter 2

Introducing the Web Configurator ........................................................................................ 43

2.1 Accessing the Web Configurator ......................................................................................... 43

2.2 Resetting the ZyXEL Device ................................................................................................ 44

2.2.1 Methods of Restoring Factory-Defaults ...................................................................... 45

2.3 Navigating the Web Configurator ......................................................................................... 45

Chapter 3

Status Screens ........................................................................................................................ 47

Table of Contents

ZyXEL NWA-3500 User’s Guide

12

3.1 The Status Screen ............................................................................................................... 47

Chapter 4

Tutorial ..................................................................................................................................... 51

4.1 How to Configure the Wireless LAN .................................................................................... 51

4.1.1 Choosing the Wireless Mode ..................................................................................... 51

4.1.1.1 Configuring Dual WLAN Adaptors .................................................................... 51

4.1.2 Wireless LAN Configuration Overview ....................................................................... 52

4.1.3 Further Reading ......................................................................................................... 54

4.2 How to Configure Multiple Wireless Networks ..................................................................... 54

4.2.1 Change the Operating Mode ...................................................................................... 55

4.2.2 Configure the VoIP Network ....................................................................................... 57

4.2.2.1 Set Up Security for the VoIP Profile .................................................................. 58

4.2.2.2 Activate the VoIP Profile ................................................................................... 60

4.2.3 Configure the Guest Network ..................................................................................... 60

4.2.3.1 Set Up Security for the Guest Profile ................................................................ 61

4.2.3.2 Set up Layer 2 Isolation .................................................................................... 62

4.2.3.3 Activate the Guest Profile ................................................................................. 63

4.2.4 Testing the Wireless Networks ................................................................................... 63

4.3 How to Set Up and Use Rogue AP Detection ..................................................................... 64

4.3.1 Set Up and Save a Friendly AP list ............................................................................ 66

4.3.2 Activate Periodic Rogue AP Detection ....................................................................... 68

4.3.3 Set Up E-mail Logs .................................................................................................... 69

4.3.4 Configure Your Other Access Points .......................................................................... 70

4.3.5 Test the Setup ............................................................................................................ 70

4.4 Using Multiple MAC Filters and L-2 Isolation Profiles .......................................................... 71

4.4.1 Scenario ..................................................................................................................... 71

4.4.2 Your Requirements ..................................................................................................... 71

4.4.3 Setup .......................................................................................................................... 72

4.4.4 Configure the SERVER_1 Network ............................................................................ 73

4.4.5 Configure the SERVER_2 Network ............................................................................ 75

4.4.6 Checking your Settings and Testing the Configuration .............................................. 76

4.4.6.1 Checking Settings ............................................................................................. 76

4.4.6.2 Testing the Configuration .................................................................................. 76

Part II: The Web Configurator ............................................................... 79

Chapter 5

System Screens ...................................................................................................................... 81

5.1 System Overview ................................................................................................................. 81

5.2 Configuring General Setup ..................................................................................................81

Table of Contents

ZyXEL NWA-3500 User’s Guide

13

5.3 Administrator Authentication on RADIUS ............................................................................ 82

5.3.1 Configuring Password ................................................................................................ 82

5.4 Configuring Time Setting .................................................................................................... 84

5.5 Pre-defined NTP Time Servers List ..................................................................................... 86

Chapter 6

Wireless Configuration........................................................................................................... 87

6.1 Wireless LAN Overview ....................................................................................................... 87

6.1.1 BSS ............................................................................................................................ 87

6.1.2 ESS ............................................................................................................................ 88

6.2 Wireless LAN Basics ........................................................................................................... 88

6.3 Quality of Service ................................................................................................................ 89

6.3.1 WMM QoS ..................................................................................................................89

6.3.1.1 WMM QoS Priorities ......................................................................................... 89

6.3.2 ATC ............................................................................................................................ 89

6.3.3 ATC+WMM ................................................................................................................. 90

6.3.3.1 ATC+WMM from LAN to WLAN ........................................................................ 90

6.3.3.2 ATC+WMM from WLAN to LAN ........................................................................ 91

6.3.4 Type Of Service (ToS) ................................................................................................ 91

6.3.4.1 DiffServ ............................................................................................................. 91

6.3.4.2 DSCP and Per-Hop Behavior ........................................................................... 91

6.3.5 ToS (Type of Service) and WMM QoS ....................................................................... 92

6.4 Spanning Tree Protocol (STP) ............................................................................................. 92

6.4.1 Rapid STP .................................................................................................................. 92

6.4.2 STP Terminology ........................................................................................................ 93

6.4.3 How STP Works ......................................................................................................... 93

6.4.4 STP Port States ..........................................................................................................94

6.5 DFS ..................................................................................................................................... 94

6.6 Wireless Screen Overview .................................................................................................. 94

6.7 Configuring Wireless Settings ............................................................................................. 95

6.7.1 Access Point Mode .................................................................................................... 95

6.7.2 Bridge/Repeater Mode ............................................................................................... 97

6.7.3 AP+Bridge Mode ...................................................................................................... 101

6.7.4 MBSSID Mode ......................................................................................................... 101

Chapter 7

Wireless Security Configuration .........................................................................................103

7.1 Wireless Security Overview ............................................................................................... 103

7.1.1 Encryption ................................................................................................................ 103

7.1.2 Restricted Access .................................................................................................... 103

7.1.3 Hide Identity ............................................................................................................. 103

7.1.4 WEP Encryption ....................................................................................................... 103

7.2 802.1x Overview ................................................................................................................ 104

Table of Contents

ZyXEL NWA-3500 User’s Guide

14

7.3 EAP Authentication Overview ............................................................................................ 104

7.4 Introduction to WPA ........................................................................................................... 104

7.4.1 User Authentication ................................................................................................. 105

7.4.2 Encryption ............................................................................................................... 105

7.4.3 WPA(2)-PSK Application Example ........................................................................... 105

7.5 WPA(2) with External RADIUS Application Example ......................................................... 106

7.6 Security Modes .................................................................................................................. 107

7.7 Wireless Client WPA Supplicants ...................................................................................... 108

7.8 Wireless Security Effectiveness ......................................................................................... 108

7.9 Configuring Security .......................................................................................................... 108

7.9.1 Security: WEP .......................................................................................................... 109

7.9.2 Security: 802.1x Only ................................................................................................110

7.9.3 Security: 802.1x Static 64-bit, 802.1x Static 128-bit ..................................................111

7.9.4 Security: WPA ...........................................................................................................113

7.9.5 Security: WPA2 or WPA2-MIX ...................................................................................113

7.9.6 Security: WPA-PSK, WPA2-PSK, WPA2-PSK-MIX ...................................................115

7.10 Introduction to RADIUS ....................................................................................................116

7.11 Configuring RADIUS .........................................................................................................116

Chapter 8

MBSSID and SSID .................................................................................................................119

8.1 Wireless LAN Infrastructures ..............................................................................................119

8.1.1 MBSSID ....................................................................................................................119

8.1.2 Notes on Multiple BSS ..............................................................................................119

8.1.3 Multiple BSS Example ...............................................................................................119

8.1.4 Multiple BSS with VLAN Example .............................................................................119

8.1.5 Configuring Multiple BSSs ....................................................................................... 120

8.2 SSID .................................................................................................................................. 122

8.2.1 The SSID Screen ..................................................................................................... 122

8.2.2 Configuring SSID ..................................................................................................... 123

Chapter 9

Other Wireless Configuration.............................................................................................. 127

9.1 Layer-2 Isolation Introduction ............................................................................................ 127

9.2 The Layer-2 Isolation Screen ............................................................................................ 128

9.3 Configuring Layer-2 Isolation ............................................................................................. 129

9.3.1 Layer-2 Isolation Examples ...................................................................................... 130

9.3.1.1 Layer-2 Isolation Example 1 ........................................................................... 131

9.3.1.2 Layer-2 Isolation Example 2 ........................................................................... 131

9.4 The MAC Filter Screen ......................................................................................................132

9.4.1 Configuring MAC Filtering ........................................................................................ 133

9.5 Configuring Roaming ......................................................................................................... 134

9.5.1 Requirements for Roaming ...................................................................................... 135

Table of Contents

ZyXEL NWA-3500 User’s Guide

15

Chapter 10

IP Screen................................................................................................................................ 137

10.1 Factory Ethernet Defaults ................................................................................................ 137

10.2 TCP/IP Parameters .........................................................................................................137

10.2.1 WAN IP Address Assignment ................................................................................. 137

10.3 Configuring IP .................................................................................................................. 138

Chapter 11

Rogue AP...............................................................................................................................141

11.1 Rogue AP Introduction .....................................................................................................141

11.2 Rogue AP Examples ........................................................................................................ 141

11.2.1 “Honeypot” Attack ................................................................................................... 142

11.3 Configuring Rogue AP Detection ..................................................................................... 143

11.3.1 Rogue AP: Configuration ........................................................................................ 143

11.3.2 Rogue AP: Friendly AP .......................................................................................... 144

11.3.3 Rogue AP List ........................................................................................................ 145

Chapter 12

Remote Management Screens............................................................................................. 147

12.1 Remote Management Overview ...................................................................................... 147

12.1.1 Remote Management Limitations .......................................................................... 147

12.1.2 System Timeout .................................................................................................... 147

12.2 Configuring Telnet ............................................................................................................ 148

12.3 Configuring FTP .............................................................................................................. 149

12.4 Configuring WWW ...........................................................................................................150

12.5 SNMP .............................................................................................................................. 151

12.5.1 Supported MIBs ..................................................................................................... 152

12.5.2 SNMP Traps ........................................................................................................... 153

12.6 SNMP Traps .................................................................................................................... 153

12.6.1 Configuring SNMP ................................................................................................. 154

Chapter 13

Internal RADIUS Server........................................................................................................ 157

13.1 Internal RADIUS Overview .............................................................................................. 157

13.2 Internal RADIUS Server Setting ...................................................................................... 157

13.3 Trusted AP Overview .......................................................................................................159

13.4 Configuring Trusted AP ................................................................................................... 160

13.5 Configuring Trusted Users ............................................................................................... 161

Chapter 14

Certificates ............................................................................................................................ 163

14.1 Certificates Overview ....................................................................................................... 163

14.1.1 Advantages of Certificates ..................................................................................... 164

Table of Contents

ZyXEL NWA-3500 User’s Guide

16

14.2 Self-signed Certificates .................................................................................................... 164

14.3 Verifying a Certificate ....................................................................................................... 164

14.3.1 Checking the Fingerprint of a Certificate on Your Computer .................................. 164

14.4 Configuration Summary ................................................................................................... 165

14.5 My Certificates ................................................................................................................. 165

14.6 Certificate File Formats .................................................................................................... 167

14.7 Importing a Certificate ..................................................................................................... 168

14.8 Creating a Certificate ....................................................................................................... 169

14.9 My Certificate Details ....................................................................................................... 171

14.10 Trusted CAs ................................................................................................................... 174

14.11 Importing a Trusted CA’s Certificate .............................................................................. 175

14.12 Trusted CA Certificate Details ....................................................................................... 176

Chapter 15

Log Screens .......................................................................................................................... 181

15.1 Configuring View Log ....................................................................................................... 181

15.2 Configuring Log Settings ................................................................................................. 182

15.3 Example Log Messages .................................................................................................. 184

15.4 Log Commands ............................................................................................................... 185

15.4.1 Configuring What You Want the ZyXEL Device to Log .......................................... 185

15.4.2 Displaying Logs ...................................................................................................... 186

15.5 Log Command Example .................................................................................................. 186

Chapter 16

VLAN ...................................................................................................................................... 187

16.1 VLAN ............................................................................................................................... 187

16.1.1 Management VLAN ID ........................................................................................... 187

16.1.2 VLAN Tagging ........................................................................................................ 187

16.2 Configuring VLAN ............................................................................................................ 188

16.2.1 Wireless VLAN ....................................................................................................... 188

16.2.2 RADIUS VLAN ....................................................................................................... 190

16.2.3 Configuring Management VLAN Example ............................................................. 191

16.2.4 Configuring Microsoft’s IAS Server Example ......................................................... 194

16.2.4.1 Configuring VLAN Groups ............................................................................ 194

16.2.4.2 Configuring Remote Access Policies ............................................................ 195

16.2.5 Second Rx VLAN ID Example ................................................................................ 202

16.2.5.1 Second Rx VLAN Setup Example ................................................................ 202

Chapter 17

Maintenance .......................................................................................................................... 205

17.1 Maintenance Overview .................................................................................................... 205

17.2 System Status Screen ..................................................................................................... 205

17.2.1 System Statistics .................................................................................................... 206

Table of Contents

ZyXEL NWA-3500 User’s Guide

17

17.3 Association List ................................................................................................................ 207

17.4 Channel Usage ................................................................................................................ 208

17.5 F/W Upload Screen .........................................................................................................209

17.6 Configuration Screen ....................................................................................................... 210

17.6.1 Backup Configuration ..............................................................................................211

17.6.2 Restore Configuration ............................................................................................211

17.6.3 Back to Factory Defaults ........................................................................................ 212

17.7 Restart Screen ................................................................................................................. 213

Part III: SMT and Troubleshooting...................................................... 215

Chapter 18

Introducing the SMT .............................................................................................................217

18.1 Introduction to the SMT ...................................................................................................217

18.2 Accessing the SMT via the Console Port ........................................................................ 217

18.2.1 Initial Screen ..........................................................................................................217

18.2.2 Entering the Password ........................................................................................... 218

18.3 Connect to your ZyXEL Device Using Telnet ................................................................... 219

18.4 Changing the System Password ..................................................................................... 219

18.5 SMT Menu Overview Example ........................................................................................ 220

18.6 Navigating the SMT Interface .......................................................................................... 220

18.6.1 System Management Terminal Interface Summary ............................................... 222

Chapter 19

General Setup........................................................................................................................ 223

19.1 General Setup ................................................................................................................. 223

19.1.1 Procedure To Configure Menu 1 ............................................................................ 223

Chapter 20

LAN Setup.............................................................................................................................. 225

20.1 LAN Setup ....................................................................................................................... 225

20.2 TCP/IP Ethernet Setup .................................................................................................... 225

Chapter 21

SNMP Configuration.............................................................................................................227

21.1 SNMP Configuration ........................................................................................................227

Chapter 22

System Password .................................................................................................................229

22.1 System Password ............................................................................................................ 229

Table of Contents

ZyXEL NWA-3500 User’s Guide

18

Chapter 23

System Information and Diagnosis..................................................................................... 231

23.1 System Status .................................................................................................................. 231

23.2 System Information .......................................................................................................... 233

23.2.1 System Information ................................................................................................ 233

23.2.2 Console Port Speed ............................................................................................... 234

23.3 Log and Trace .................................................................................................................. 234

23.3.1 Viewing Error Log ................................................................................................... 234

23.4 Diagnostic ........................................................................................................................ 235

Chapter 24

Firmware and Configuration File Maintenance..................................................................237

24.1 Filename Conventions ..................................................................................................... 237

24.2 Backup Configuration ......................................................................................................238

24.2.1 Using the FTP command from the DOS Prompt .................................................... 238

24.2.2 Backup Configuration Using TFTP ......................................................................... 239

24.2.3 Example: TFTP Command ..................................................................................... 240

24.3 Restore Configuration ..................................................................................................... 240

24.3.1 Using the FTP command from the DOS Prompt Example ..................................... 240

24.3.2 TFTP File Upload ................................................................................................... 241

24.3.3 Example: TFTP Command ..................................................................................... 242

Chapter 25

System Maintenance and Information ................................................................................ 243

25.1 Command Interpreter Mode ............................................................................................ 243

25.1.1 Command Syntax ................................................................................................... 244

25.1.2 Command Usage ................................................................................................... 244

25.1.3 Brute-Force Password Guessing Protection .......................................................... 244

25.1.3.1 Configuring Brute-Force Password Guessing Protection: Example ............. 244

25.2 Time and Date Setting .....................................................................................................245

25.2.1 Resetting the Time ................................................................................................. 246

25.3 Remote Management Setup ............................................................................................ 246

25.3.1 Telnet ...................................................................................................................... 246

25.3.2 FTP ........................................................................................................................ 247

25.3.3 Web ........................................................................................................................ 247

25.3.4 Remote Management Setup .................................................................................. 247

25.3.5 Remote Management Limitations .......................................................................... 249

25.4 System Timeout ............................................................................................................... 249

Chapter 26

Troubleshooting....................................................................................................................251

26.1 Power, Hardware Connections, and LEDs ...................................................................... 251

26.2 ZyXEL Device Access and Login .................................................................................... 251

Table of Contents

ZyXEL NWA-3500 User’s Guide

19

26.3 Internet Access ................................................................................................................ 254

Part IV: Appendices and Index ........................................................... 255

Appendix A Product Specifications....................................................................................... 257

Appendix B Power over Ethernet (PoE) Specifications ........................................................ 259

Appendix C Power Adaptor Specifications ........................................................................... 261

Appendix D Setting up Your Computer’s IP Address ........................................................... 263

Appendix E Wireless LANs ..................................................................................................275

Appendix F Pop-up Windows, JavaScripts and Java Permissions ...................................... 289

Appendix G IP Addresses and Subnetting ........................................................................... 295

Appendix H Text File Based Auto Configuration .................................................................. 303

Appendix I Legal Information................................................................................................ 311

Appendix J Customer Support .............................................................................................315

Index....................................................................................................................................... 319

Table of Contents

ZyXEL NWA-3500 User’s Guide

20

Page is loading ...

ZyXEL NWA-3500 User manual

Related papers

Other documents