ADMINISTRATION GUIDE Cisco Small Business WAP200 Wireless-G Access Point with Power Over Ethernet and Rangebooster
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco Ironport, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Stackpower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks; and Access Regist
Contents Chapter 1: Introduction 1 Chapter 2: Planning Your Wireless Network 2 Network Topology 2 Roaming 3 Network Layout 3 Example of a Simple Wireless Network 4 Chapter 3: Product Overview 5 Front Panel 6 Back Panel 7 Antennas and Positions 8 Chapter 4: Installing the Access Point 9 Placement Tips 9 Stand Option 10 Wall-Mount Option 11 Connecting the Equipment 12 Using a PoE Switch to Connect the WAP200 to the Network 12 Using a Standard Switch to Connect the WAP200 to th
Contents Chapter 6: Configuring the WAP200 Access Point Setting Up Your Access Point Configuring Basic Setup Settings 19 20 20 Configuring Basic Setup Settings 21 Configuring Network Setup Settings 22 Configuring Time Settings Configuring Wireless Settings 23 24 Configuring Basic Settings 25 Configuring Security 27 Configuring WPA-Personal 29 Configuring WPA2-Personal 30 Configuring WPA2-Personal Mixed 31 Configuring WPA-Enterprise 33 Configuring WPA2-Enterprise 35 Configuring WPA2-
Contents Upgrading the Firmware 66 Rebooting the Access Point 67 Managing the Access Point’s Configuration 68 Verifying Access Point Status 69 Checking Local Network Status 69 Checking Wireless Status 71 Checking System Performance 72 Using Windows Help Menus 74 TCP/IP 74 Shared Resources 74 Network Neighborhood/My Network Places 74 Appendix A: Troubleshooting 75 Appendix B: Wireless Security Checklist 80 Security Checklist 80 Change the Default Wireless Network Name or SSID 81
Contents Security 87 Wireless Security 87 Quality of Service 87 General 88 Environmental 88 Appendix D: Where to Go From Here Cisco WAP200 Wireless-G Access Point with Power Over Ethernet and Rangebooster 89 vi
1 Introduction Thank you for choosing the Cisco WAP200 Wireless-G Access Point with Power Over Ethernet and Rangebooster. This access point lets you connect Wireless-G (802.11g) or Wireless-B (802.11b) devices to your wired network so you can add computers to the network wirelessly. The WAP200 also offers the convenience of Power over Ethernet (PoE) capability, so it can receive data and power over a single Ethernet network cable.
2 Planning Your Wireless Network Before deploying your Cisco WAP200 Wireless-G Access Point with Power Over Ethernet and Rangebooster, take some time to plan your wireless network. This chapter includes the following topics: • Network Topology, page 2 • Roaming, page 3 • Network Layout, page 3 • Example of a Simple Wireless Network, page 4 Network Topology A wireless network is a group of computers, each equipped with one or more wireless adapters.
Planning Your Wireless Network Roaming 2 Roaming An infrastructure configuration also supports roaming capabilities for mobile users. Roaming means that you can move your wireless computer within your network and the access points will pick up the wireless computer’s signal, providing that they both share the same wireless channel, SSID, and wireless security settings. This access point has 802.11F Inter-Access Point Protocol (IAPP) to complete the roaming process in seconds.
Planning Your Wireless Network Example of a Simple Wireless Network 2 Example of a Simple Wireless Network The following diagram shows a typical infrastructure wireless network setup. In this example, the wireless access points connect to and receive power from a PoE Cisco switch. Each access point can connect multiple wireless devices to the network. This network provides connectivity among wireless network devices and computers that have a wired connection to the switch.
3 Product Overview This chapter describes the physical features of the Cisco WAP200 Wireless-G Access Point with Power Over Ethernet and Rangebooster.
3 Product Overview Front Panel Front Panel The LEDs on the front panel of the access point display information about network activity. Power LED—Lights up and remains lit when the access point is powered on. PoE LED—Lights up when the access point is powered through an Ethernet cable. Wireless LED—Lights up when the wireless module is active on the access point. This LED flashes when the access point is actively sending to or receiving data from a wireless device.
3 Product Overview Back Panel Back Panel The access point’s Reset button, Ethernet port and Power port are located on the back panel. Reset Button—There are two ways to reset the access point’s factory default configuration: • Press the Reset button for approximately ten seconds. • Restore the default settings using the access point’s web-based configuration utility. Resetting the access point erases all of your custom settings and replaces them with the factory defaults.
3 Product Overview Antennas and Positions Antennas and Positions The WAP200 access point has two detachable 2dBi omni-directional antennas. These antennas are located on the back of the device. For best range performance, adjust the two antennas so that they form a 90 degree angle.
4 Installing the Access Point This chapter explains how to mount and connect the Cisco WAP200 Wireless-G Access Point with Power Over Ethernet and Rangebooster. The following topics are included: • Placement Tips, page 9 • Stand Option, page 10 • Wall-Mount Option, page 11 • Connecting the Equipment, page 12 • Verifying the Hardware Installation, page 14 Placement Tips You can place the access point horizontally on its rubber feet, vertically in a stand, or mount it on the wall.
Installing the Access Point Stand Option 4 Stand Option To place the access point vertically in a stand, follow these steps. STEP 1 Locate the left side panel of the WAP200 access point. STEP 2 With the two large prongs of one of the stands facing outward, insert the short prongs into the little slots in the WAP200 access point, and push the stand upward until the stand snaps into place. Repeat this step with the second stand.
4 Installing the Access Point Wall-Mount Option Wall-Mount Option To mount the WAP200 access point on a wall, follow these steps. STEP 1 Determine where you want to mount the WAP200 access point and install two screws (not supplied) that are 2-15/16 inches apart (approximately 7.46 cm.). STEP 2 With the back panel pointing up (if installing vertically), line up the WAP200 access point so that the wall-mount crisscross slots on the bottom of the access point line up with the two screws.
4 Installing the Access Point Connecting the Equipment Connecting the Equipment You can connect the WAP200 access point to your network in one of the following ways: • Using a PoE switch • Using a standard switch Using a PoE Switch to Connect the WAP200 to the Network To connect the WAP200 access point to your network using a PoE switch, simply connect the Ethernet port of the access point to an Ethernet port on the PoE switch.
Installing the Access Point Connecting the Equipment 4 Using a Standard Switch to Connect the WAP200 to the Network To connect the WAP200 access point to your network using a standard switch, follow these steps. STEP 1 Use the supplied Ethernet cable to connect the Ethernet port of the access point to an Ethernet port on the switch. STEP 2 Connect the included power adapter to the Power port of the WAP200 access point. STEP 3 Plug the power adapter into an electrical outlet.
4 Installing the Access Point Verifying the Hardware Installation Verifying the Hardware Installation To verify the hardware installation, complete the following tasks: • Check the cable connections. • Check the LED states. See Chapter 3, “Product Overview.” NOTE If you need help resolving a problem, visit the Cisco Small Business Support Community at www.cisco.com/go/smallbizsupport. For technical documentation and other links, see Appendix D, “Where to Go From Here.
5 Getting Started The Cisco WAP200 Wireless-G Access Point with Power Over Ethernet and Rangebooster works right out of the box with the default settings. However, you can change these settings using the WAP200 web-based configuration utility. Before You Begin Before you begin to use the WAP200 web-based configuration utility, make sure that you have a computer that meets the following requirements: • Internet Explorer (version 6 or later) or Mozilla Firefox.
5 Getting Started Navigating the Web-Based Utility Navigating the Web-Based Utility The web-based utility consists of the following five main windows: • Setup • Wireless • AP Mode • Administration • Status Additional windows branch out from these main windows. For a basic network setup, you may only need to use the following windows of the web-based configuration utility: • Setup—Enter your basic network settings.
5 Getting Started Navigating the Web-Based Utility Wireless This window allows you to enter a variety of wireless settings for the access point. • Basic Wireless Settings—Chooses the wireless network mode (for example, wireless-G), wireless channel, and SSID configuration on this window. • Wireless Security—Configures the access point’s security settings including access authentication, data encryption, and wireless isolation.
5 Getting Started Navigating the Web-Based Utility Status This window allows you to view status information about your local network, wireless networks, and network performance. • Local Network—Displays system information, including software and hardware version, MAC address, and IP address on the LAN side of the access point. • Wireless—Displays wireless network settings including SSID, network mode, and wireless channel.
6 Configuring the WAP200 Access Point This chapter describes how to configure your Cisco WAP200 Wireless-G Access Point with Power Over Ethernet and Rangebooster using the web-based configuration utility. Configuration is not required if you wish to use the access point right out of the box with its default settings.
Configuring the WAP200 Access Point Setting Up Your Access Point 6 Setting Up Your Access Point This section describes how to configure the general settings of the access point: • Configuring Basic Setup Settings, page 20 • Configuring Time Settings, page 23 Configuring Basic Setup Settings The Setup > Basic Setup window displays the general settings of the access point.
Configuring the WAP200 Access Point Setting Up Your Access Point 6 Configuring Basic Setup Settings To configure the basic setup settings of the access point, follow these steps: STEP 1 Click Setup > Basic Setup. STEP 2 In the Basic Setup section, configure the following settings: • Host Name—Enter the host name of the access point. You can use the host name to access the web-based configuration utility through the network if a record of the host name exists in your DNS server.
Configuring the WAP200 Access Point Setting Up Your Access Point 6 Configuring Network Setup Settings To configure the network setup settings of the access point, follow these steps: STEP 1 Click Setup > Basic Setup. STEP 2 From the IP Settings drop-down menu, select one of the following options: • Static IP Address—Select this option to assign a static or fixed IP address to the access point.
Configuring the WAP200 Access Point Setting Up Your Access Point 6 Configuring Time Settings The Setup > Time window displays the time settings of the access point. By setting up the correct time, you can help your network administrator accurately search the system log to identify problems. To configure the time settings for the access point, follow these steps: STEP 1 Click Setup > Time. STEP 2 To manually configure the time settings: a. Click Manually. b. In the Date field, enter the current date. c.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 STEP 3 To automatically configure the time settings so that the access point obtains the time from a public time server: a. Click Automatically. b. Select a time zone from the Time Zone drop-down menu. c. If you are using the access point in a location that observes daylight saving time, check the Automatically adjust clock for daylight saving changes check box. d. To use a local NTP server, click Enabled. The default is Disabled.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Configuring Basic Settings The Wireless > Basic Settings window displays the basic wireless network settings of the access point. The access point can connect to up to four wireless networks (SSIDs) at the same time, so this window offers settings for up to four different SSIDs. Each SSID has its own MAC address on this access point.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 • G-Only—Connects Wireless-G client devices at Wireless-G data rates with maximum speed at 54 Mbps. Wireless-B clients cannot be connected in this mode. • Mixed—Connects both Wireless-B and Wireless-G client devices at their respective data rates. Wireless-G devices can be connected at Wireless-G data rates.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Configuring Security The Wireless > Security window displays the wireless security settings of the access point, including Wi-Fi Protected Access (WPA) and Remote Authentication Dial-In User Service (RADIUS). WPA is a stronger security standard than Wired Equivalent Privacy (WEP) encryption, and is forward-compatible with IEEE 802.11i. Enterprise modes use a RADIUS server for authentication.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Wireless isolation between SSIDs prevents eavesdropping on the network. When it is enabled, wireless frames received on this access point are not forwarded to other wireless networks (SSIDs). This feature is very useful when setting up a wireless hotspot location, for example, to keep its wireless network (SSID) isolated from your other wireless networks (SSIDs). This is a global option applying to all SSIDs. The default is Enabled.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Configuring WPA-Personal WPA stands for Wi-Fi Protected Access, which is a security standard stronger than WEP encryption and forward compatible with IEEE 802.11i. To configure the WPA-Personal (also known as WPA-PSK) wireless security settings for the access point, follow these steps: STEP 1 Click Wireless > Security. STEP 2 From the Security Mode drop-down menu, select WPA-Personal.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 STEP 5 Provide the following information: • Encryption—WPA offers you two encryption methods, TKIP and AES for data encryption. Select the type of algorithm you want to use, TKIP or AES. The default is TKIP. • Shared Secret—Enter a shared secret of 8–63 characters. • Key Renewal Timeout—Enter a key renewal timeout period, which instructs the access point how often it should change the encryption keys. The default is 3600 seconds.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 STEP 3 To enable wireless isolation across SSIDs, select Enabled from the drop-down menu. Otherwise, select Disabled. STEP 4 To enable wireless isolation within SSID, select Enabled from the drop-down menu. Otherwise, select Disabled. STEP 5 Provide the following information: • Encryption—WPA2 always uses AES for data encryption. • Shared Secret—Enter a shared secret of 8–63 characters.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 The access point automatically chooses the encryption algorithm used by each client device. To configure the WPA2-Personal Mixed wireless security settings for the access point, follow these steps: STEP 1 Click Wireless > Security. STEP 2 From the Security Mode drop-down menu, select WPA2-Personal Mixed. STEP 3 To enable wireless isolation across SSIDs, select Enabled from the drop-down menu. Otherwise, select Disabled.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Configuring WPA-Enterprise This option features WPA used in coordination with a Remote Authentication DialIn User Service (RADIUS) server for client authentication. Enterprise modes use a RADIUS server for authentication. NOTE Use WPA-Enterprise only when a RADIUS server is connected to the access point. To configure the WPA-Enterprise wireless security settings for the access point, follow these steps: STEP 1 Click Wireless > Security.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 STEP 5 Provide the following information: • RADIUS Server IP Address—Enter the RADIUS server’s IP address. • RADIUS Server Port—Enter the port number used by the RADIUS server. The default is 1812. • Encryption—WPA offers you two encryption methods, TKIP and AES for data encryption. Select the type of algorithm you want to use, TKIP or AES. The default is TKIP.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Configuring WPA2-Enterprise This option features WPA2 used in coordination with a RADIUS server for client authentication. NOTE Use WPA2-Enterprise only when a RADIUS server is connected to the access point. To configure the WPA2-Enterprise wireless security settings for the access point, follow these steps: STEP 1 Click Wireless > Security. STEP 2 From the Security Mode drop-down menu, select WPA2-Enterprise.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 STEP 5 Provide the following information: • RADIUS Server IP Address—Enter the RADIUS server’s IP address. • RADIUS Server Port—Enter the port number used by the RADIUS server. The default is 1812. • Encryption—WPA2 always uses AES for data encryption. • Shared Secret—Enter the shared secret key used by the access point and RADIUS server.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Configuring WPA2-Enterprise Mixed This security mode supports the transition from WPA-Enterprise to WPA2Enterprise. You can have client devices that use either WPA-Enterprise or WPA2-Enterprise. The access point automatically chooses the encryption algorithm used by each client device. To configure the WPA2-Enterprise Mixed wireless security settings for the access point, follow these steps: STEP 1 Click Wireless > Security.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 STEP 5 Provide the following information: • RADIUS Server IP Address—Enter the RADIUS server’s IP address. • RADIUS Server Port—Enter the port number used by the RADIUS server. The default is 1812. • Encryption—Mixed Mode automatically chooses TKIP or AES for data encryption. • Shared Secret—Enter the shared secret key used by the access point and RADIUS server.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Configuring RADIUS This security mode is also known as Dynamic WEP with IEEE 802.1X. A RADIUS server is used for client authentication and WEP is used for data encryption. The WEP key is automatically generated by the RADIUS server. NOTE Manual WEP key is no longer supported to ensure compatibility with Microsoft’s Windows implementation.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 STEP 4 To enable wireless isolation within SSID, select Enabled from the drop-down menu. Otherwise, select Disabled. STEP 5 Provide the following information: • RADIUS Server IP Address—Enter the RADIUS server’s IP address. • RADIUS Server Port—Enter the port number used by the RADIUS server. The default is 1812. • Shared Secret—Enter the shared secret key used by the access point and RADIUS server. STEP 6 Click Save.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Configuring WEP ! CAUTION For improved security, migrate to WPA or WPA2. The Wired Equivalent Privacy (WEP) security mode is not recommended any more, due to its weak security protection. It was defined in the original IEEE 802.11. To configure the WEP wireless security settings for the access point, follow these steps: STEP 1 Click Wireless > Security. STEP 2 From the Security Mode drop-down menu, select WEP.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 STEP 5 Provide the following information: • Authentication Type—Choose the 802.11 authentication type as either Open System or Shared Key. The default is Open System. • Default Transmit Key—Select the key to be used for data encryption. • Encryption—Select a level of WEP encryption, 64 bits (10 hex digits) or 128 bits (26 hex digits).
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Configuring Connection Control The Wireless > Connection Control window displays the wireless connection settings, and allows you to configure the Connection Control List to either permit or block specific wireless client devices connecting to (associating with) the access point. Disabling Wireless Connection Control You can use the Wireless Connection Control window to disable wireless connection control.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Allowing Specified MAC Addresses to Connect to the Wireless Network To allow only specific MAC addresses to connect to the wireless network, follow these steps: STEP 1 Click Wireless > Connection Control. STEP 2 In the Select SSID drop-down menu, select the SSID of the wireless network on which you want to allow the specified MAC addresses. STEP 3 In the connection control section, click Enabled (default).
Configuring the WAP200 Access Point Configuring Wireless Settings 6 STEP 5 To automatically capture the MAC addresses of each client to block, click Wireless Client List. A window appears to let you select each MAC address from the table. The selected MAC address is copied into the Connection Control List. Alternatively, manually enter the MAC addresses of the wireless client devices you want to disallow, in the text boxes labeled MAC 01-16. STEP 6 Click Save.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 To configure the wireless advanced settings for the access point, follow these steps: STEP 1 Click Wireless > Advanced Settings. STEP 2 In the Advanced Settings section, configure the following advanced parameters: • CTS Protection Mode—The Clear-To-Send (CTS) Protection Mode function boosts the access point’s ability to catch all wireless transmissions but severely reduces performance.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 power-saving sleep mode. Higher settings allow your computer to enter sleep mode, thus saving power, but interferes with wireless transmissions. The default is 1 ms. • RTS Threshold—This setting determines how large a packet can be before the access point coordinates transmission and reception to ensure efficient communication. This value should remain at its default setting of 2347.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 Configuring VLAN & QoS The Wireless > VLAN & QoS window allows you to configure the VLAN and QoS related settings for the access point. To configure the wireless VLAN and QoS settings of the access point, follow these steps: STEP 1 Click Wireless > VLAN & QoS. STEP 2 Configure VLAN settings by providing the following information for the global VLAN settings for the access point: • VLAN—Select Enabled to pass 802.
Configuring the WAP200 Access Point Configuring Wireless Settings 6 • VLAN Tag—Set the tagging option for the default VLAN ID. This has to match your switch’s settings. The default is untagged. • AP Management VLAN—When the VLAN option is enabled, the value entered (VLAN ID) in this field defines the VLAN that connects to the access point. The default value is 1. The VLAN should be accessible from the wired side in order to use the web-based utility.
Configuring the WAP200 Access Point Configuring the Access Point’s Modes of Operation 6 • Tx Rate Limitation—Limits the maximum data rate used in your network to save bandwidth and power consumption on client devices. The actual data rate is determined by the auto-fallback mechanism between your access point and a client device. The default is 54 Mbps for the Mixed or G-Only wireless mode and 11 Mbps for the B-Only mode.
6 Configuring the WAP200 Access Point Configuring the Access Point’s Modes of Operation You may wish to change the access point’s mode of operation if you want to use the access point as a wireless repeater to extend the range of your wireless network. When set to the Wireless Repeater mode, the wireless repeater is able to talk to a remote access point within its range and retransmit its signal.
6 Configuring the WAP200 Access Point Configuring the Access Point’s Modes of Operation You may alternately wish to change the access point’s mode of operation if you want to use the access point as a wireless bridge. For example, you can use two access points in the Wireless Bridge mode to connect two wired networks that are in two different buildings.
Configuring the WAP200 Access Point Configuring the Access Point’s Modes of Operation 6 For the Wireless Repeater and Wireless Bridge modes, the Wireless Network mode, Channel, and Security settings must be the same for other remote wireless access points and devices.
Configuring the WAP200 Access Point Configuring the Access Point’s Modes of Operation 6 To configure the access point mode settings of the access point, follow these steps: STEP 1 Click AP Mode > AP Mode. The MAC address of the access point is displayed below the window’s title. STEP 2 To configure the access point for operation as an access point, click Access Point (default), if it is not already selected. This connects your wireless computers to a wired network. In most cases, no change is necessary.
Configuring the WAP200 Access Point Configuring Security Monitor Settings 6 Configuring Security Monitor Settings This section describes how to configure the security monitor settings of the access point: • Configuring the Security Monitor Client Settings, page 55 • Configuring E-mail Notification Settings, page 57 Configuring the Security Monitor Client Settings The Security Monitor > Security Monitor Client window displays the access point’s security monitor client account settings.
Configuring the WAP200 Access Point Configuring Security Monitor Settings 6 To disable the wireless security monitor for your access point, follow these steps: STEP 1 Click Security Monitor > Security Monitor Client. STEP 2 In the Basic Settings section, click Disabled (default) if it is not already disabled. STEP 3 Click Save. Creating Security Monitor Accounts The Security Monitor Accounts section of the Security Monitor Client window allows you to create accounts to monitor wireless security.
Configuring the WAP200 Access Point Configuring Security Monitor Settings 6 Configuring Intrusion Alarm Event Log Settings The Security Monitor > Intrusion Alarm window displays the access point’s security monitor intrusion alarm event logging / notification settings for E-mail Notification and SYSLOG Notification. Configuring E-mail Notification Settings To configure e-mail notification settings for the access point, follow these steps: STEP 1 Click Security Monitor > Intrusion Alarm.
Configuring the WAP200 Access Point Configuring Security Monitor Settings 6 STEP 3 Select the types of intrusion that will be notified in the e-mail: • Rogue AP Detected— A rogue access point has been detected. • AP SSID Changed—The Access Point (AP) SSID has been changed. • Spoofed MAC Address—Another device is using the AP MAC address to send out packets. • Client is Sending Spurious Traffic—An unassociated client is sending out frames to the AP.
Configuring the WAP200 Access Point Configuring Administration Settings 6 Configuring SYSLOG Notification Settings To configure SYSLOG Notification settings for the access point, follow these steps: STEP 1 Click Security Monitor > Intrusion Alarm. STEP 2 Enter the IP address of the system that will store the system log (Logviewer). STEP 3 Select the e-mail notification alarm type to respond to intrusions. For a list of e-mail alarm types, see Step 3 on page 58.
Configuring the WAP200 Access Point Configuring Administration Settings 6 Configuring Management Settings The Administration > Management window allows you to configure the password, web access, and Simple Network Management Protocol (SNMP) settings. You should frequently change the username/password that controls access to the access point’s web-based utility to prevent unauthorized access.
Configuring the WAP200 Access Point Configuring Administration Settings 6 To change the management settings of the access point, follow these steps: STEP 1 Click Administration > Management. STEP 2 Configure the management settings: • • • Local AP Password - User Name—Modify the administrator username. The default is admin. - AP Password—Modify the administrator password for the access point’s web-based utility. The default is admin.
Configuring the WAP200 Access Point Configuring Administration Settings 6 - (SNMP v3 only) Privacy Password—Enter the privacy password for data encryption to monitor administrator traffic. Minimum password length is 8 characters. - Get Community—Enter the password that allows read-only access to the access point’s SNMP information. - Set Community—Enter the password that allows read/ write access to the access point’s SNMP information.
Configuring the WAP200 Access Point Configuring Administration Settings 6 Configuring the Administration Log The Administration > Log window configures the log settings and provides alerts for particular events. To configure the log settings of the access point, follow these steps: STEP 1 Click Administration > Log. STEP 2 Configure the log settings: • Email Alert - E-Mail Alert—If you want the access point to send e-mail alerts in the event of certain activities, select Enabled.
Configuring the WAP200 Access Point Configuring Administration Settings • • 6 Syslog Notification - Syslog Notification—Syslog is a standard protocol used to capture information about network activity. The access point supports this protocol and sends its activity logs to an external server. To enable Syslog, select Enabled. The default is Disabled. - Syslog Server IP Address—Enter the IP address of the Syslog server.
Configuring the WAP200 Access Point Configuring Administration Settings 6 Restoring Factory Default Settings The Administration > Factory Default window allows you to restore the access point’s factory default settings. ! CAUTION Restoring the factory default settings deletes all your custom settings. To preserve your custom settings, save them to disk before restoring the factory default settings, as described in “Managing the Access Point’s Configuration” on page 68.
Configuring the WAP200 Access Point Configuring Administration Settings 6 Upgrading the Firmware The Administration > Firmware Upgrade window allows you to upgrade the access point’s firmware. ! CAUTION Do not upgrade the firmware unless you are experiencing problems with the access point or the new firmware has a feature you want to use. Upgrading the firmware deletes all custom settings.
Configuring the WAP200 Access Point Configuring Administration Settings 6 d. Enter the location of the firmware upgrade file in the field provided or click Browse to locate the file. e. Click Upgrade and follow the on-screen instructions. STEP 2 Restore your custom settings as described in “Managing the Access Point’s Configuration,” on page 68. Rebooting the Access Point The Administration > Reboot window allows you to reboot the access point.
Configuring the WAP200 Access Point Configuring Administration Settings 6 Managing the Access Point’s Configuration The Administration > Config Management window allows you to create a backup configuration file or upload a configuration file to the access point. To manage the configuration for the access point, follow these steps: STEP 1 Click Administration > Config Management. STEP 2 To create a backup configuration file, click Save Configuration to File and follow the on-screen instructions.
Configuring the WAP200 Access Point Verifying Access Point Status 6 Verifying Access Point Status This section describes how to check the status of the access point: • Checking Local Network Status, page 69 • Checking Wireless Status, page 71 • Checking System Performance, page 72 Checking Local Network Status The Status > Local Network window displays the access point’s current status information for the local network.
Configuring the WAP200 Access Point Verifying Access Point Status 6 To check local network status, follow these steps: STEP 1 Click Status > Local Network. The Status > Local Network window displays the status information of the access point. • • Information - Hardware Version—Version of the access point’s current hardware. - Software Version—Version of the access point’s current software. - Local MAC Address—MAC address of the access point’s LAN interface.
Configuring the WAP200 Access Point Verifying Access Point Status 6 Checking Wireless Status The Status > Wireless window displays the access point’s current status information for the wireless networks. To check the wireless network status of the access point, follow these steps: STEP 1 Click Status > Wireless. This page displays the status of the wireless network: • Mode—Access point’s wireless network mode. • Channel—Access point’s channel setting for the SSID.
Configuring the WAP200 Access Point Verifying Access Point Status 6 Checking System Performance The Status > System Performance window displays the access point’s status information for its current settings and data transmissions. To check system performance of the access point, follow these steps: STEP 1 Click Status > Systems Performance. This page displays the access point’s system performance values: • Wired The statistics for the wired network, the LAN.
Configuring the WAP200 Access Point Verifying Access Point Status • 6 - Packets Received—Number of packets received. - Packets Sent—Number of packets sent. - Bytes Received—Number of bytes received. - Bytes Sent—Number of bytes sent. - Error Packets Received—Number of error packets received. - Drop Received Packets—Number of packets being dropped after they were received. Wireless The statistics for the wireless network. - Name—Wireless network/SSID to which the statistics refer.
Configuring the WAP200 Access Point Using Windows Help Menus 6 Using Windows Help Menus This wireless product requires Microsoft Windows. Product features can be accessed through Windows Help and are described in the following sections: • TCP/IP, page 74 • Shared Resources, page 74 • Network Neighborhood/My Network Places, page 74 TCP/IP Before a computer can communicate with the access point, TCP/IP must be enabled.
A Troubleshooting This appendix provides solutions to problems that may occur during the installation and operation of the Cisco WAP200 Wireless-G Access Point with Power Over Ethernet and Rangebooster. If you can’t find an answer here, check the Cisco website at www.cisco.com. Can the WAP200 access point act as my DHCP Server? No. The WAP200 access point is nothing more than a wireless hub, and as such cannot be configured to handle DHCP capabilities.
A Troubleshooting What IEEE 802.11b features are supported? The product supports the following IEEE 802.11 functions: • CSMA/CA • Acknowledge protocol • Multi-Channel Roaming • Automatic Rate Selection • RTS/CTS • Fragmentation • Power Management What IEEE 802.11g features are supported? The product supports the following IEEE 802.
A Troubleshooting What is roaming? Roaming is the ability of a portable computer user to communicate continuously while moving freely throughout an area greater than that covered by a single access point. Before using the roaming function, the workstation must make sure that it is set to the same channel number as the access point of the dedicated coverage area. To achieve true seamless connectivity, the wireless LAN must incorporate a number of different functions.
A Troubleshooting In other words, more bandwidth is consumed than in the case of narrowband transmission, but the trade-off produces a signal that is, in effect, louder and thus easier to detect, provided that the receiver knows the parameters of the spreadspectrum signal being broadcast. If a receiver is not tuned to the right frequency, a spread-spectrum signal looks like background noise.
A Troubleshooting What is a MAC Address? The Media Access Control (MAC) address is a unique number assigned by the manufacturer to any Ethernet networking device, such as a network adapter, that allows the network to identify it at the hardware level. For all practical purposes, this number is usually permanent. Unlike IP addresses, which can change every time a computer logs on to the network, the MAC address of a device stays the same, making it a valuable identifier for the network.
B Wireless Security Checklist Wireless networks are convenient and easy to install, so homes with high-speed Internet access are adopting them at a rapid pace. Wireless networking operates by sending information over radio waves. As a result, it can be more vulnerable to intruders than a traditional wired network. Like signals from your cellular or cordless phones, signals from your wireless network can also be intercepted.
Wireless Security Checklist Security Checklist B Change the Default Wireless Network Name or SSID Wireless devices have a default wireless network name or Service Set Identifier (SSID) set by the factory. This is the name of your wireless network, and can be up to 32 characters in length. Cisco wireless products use “ciscosb” as the default wireless network name.
B Wireless Security Checklist Security Checklist Enable MAC Address Filtering Cisco routers give you the ability to enable Media Access Control (MAC) address filtering. The MAC address is a unique series of numbers and letters assigned to every networking device. With MAC address filtering enabled, wireless network access is provided solely for wireless devices with specific MAC addresses.
B Wireless Security Checklist Security Checklist • • - WPA Personal—If you do not have a RADIUS server, select the type of algorithm, TKIP or AES, enter a password in the Pre-Shared key field of 8-63 characters, and enter a Group Key Renewal period time between 0 and 99,999 seconds, which instructs the AP or other device how often it should change the encryption keys. - WPA Enterprise—WPA used in coordination with a RADIUS server.
Wireless Security Checklist General Network Security Guidelines B General Network Security Guidelines Wireless network security is useless if the underlying network is not secure. • Password-protect all computers on the network and individually password-protect sensitive files. • Change passwords on a regular basis. • Install anti-virus software and personal firewall software. • Disable file sharing (peer-to-peer). Some applications may open file sharing without your consent and/or knowledge.
C Specifications This appendix lists the specifications of the Cisco WAP200 Wireless-G Access Point with Power Over Ethernet and Rangebooster. Specifications Model WAP200 Standards IEEE802.11g, IEEE802.11b, IEEE802.3, IEEE802.3u, IEEE802.3af (Power Over Ethernet),802.1p (QoS priority), 802.1q (VLAN), 802.1X (Security Authentication), 802.11i - Ready (Security WPA2), 802.11e - Ready (Wireless QoS), 802.
C Specifications Management Management SNMP Version SNMP Version 1, 2c, and 3 Event Logging E-mail notification Remote Syslog Web F/W upgrade Firmware upgradeable through web-browser Diags: Flash, etc. Flash, RAM, LAN, WLAN DHCP DHCP Client Operating Modes Access Point Access Point Mode, point-to-point Bridge Mode, pointto-multipoint Bridge Mode, Repeater Mode Spec/Modulation Radio and Modulation Type: 802.
C Specifications Security Antenna Gain in dBi 2 Receiver Sensitivity 11.g: 54Mbps@ -72dBm 11.b: 11Mbps@ -85dBM Security WEP/WPA/WPA2 WEP 64bit/128bit, WPA-PSK, WPA2-PSK, WPA-ENT, WPA2-ENT Access Control Wireless Connection Control: MAC-Based SSID Broadcast SSID Broadcast Enable/Disable 802.1X IEEE 802.1X support Wireless Security Monitor Scans and Classifies wireless devices in the network. Reports new clients and access points joining the network, and suspicious network events.
C Specifications General General Wireless roaming based on IAPP Auto-channel selection Environmental Device Dimensions (W x D x H) 6.69 in. x 8.07 in. x 7.68 in. Weight 0.88 lb (0.4 kg) Power 12V 1A DC input, and IEEE802.3af Compliant PoE Certification FCC, ICES-003, CE Operating Temp. 32 to 104°F (0 to 40°C) Storage Temp.
D Where to Go From Here Cisco provides a wide range of resources to help you and your customer obtain the full benefits of the Cisco WAP200 Wireless-G Access Point. Product Resources Support Cisco Small Business Support Community www.cisco.com/go/smallbizsupport Online Technical Support www.cisco.com/support and Documentation (Login Required) Phone Support Contacts www.cisco.com/en/US/support/ tsd_cisco_small_ business_support_center_contacts.html Software Downloads (Login Required) Go to tools.cisco.
