ADMINISTRATION GUIDE Cisco Small Business WAP4410N Wireless-N Access Point with Power Over Ethernet
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) © 2012 Cisco Systems, Inc. All rights reserved.
Contents Chapter 1: Introduction 6 Audience 6 Organization 7 Chapter 2: Planning Your Wireless Network 8 Network Topology 8 Roaming 8 Network Layout 9 Example of a Simple Wireless Network 10 Protecting Your Network 11 Chapter 3: Getting to Know the Wireless-N Access Point 13 Front Panel 13 Back Panel 14 Antennas and Positions 14 Chapter 4: Connecting the Cisco WAP4410N Access Point 15 Placement Options 15 Desktop Option 15 Wall-Mount Option 16 Stand Option 16 Connecting
Contents Administration 21 Status 22 Chapter 6: Configuring the Cisco WAP4410N Wireless-N Access Point Setup 23 23 Basic Setup 24 Time 26 Advanced 27 Wireless 28 Basic Settings 28 Security 30 Connection Control 37 Wi-Fi Protected Setup 39 VLAN and QoS 39 Advanced Settings 41 AP Mode 43 Administration 44 Management 44 Log 46 Diagnostics 47 Factory Default 48 Firmware Upgrade 48 Reboot 49 Configuration Management 49 SSL Certification Management 50 Status 50 Loc
Contents Appendix B: Where to Go From Here WAP4410N Wireless-N Access Point with Power Over Internet Administration Guide 61 5
1 Introduction The Cisco WAP4410N access point allows for greater range and mobility within your wireless network while also allowing you to connect the wireless network to a wired environment. It also supports the Wi-Fi Protected Setup (WPS) feature to help you simplify the setting up of security on a wireless network. The Cisco WAP4410N offers the convenience of Power over Ethernet (PoE), in addition to regular 12VDC power adaptor, so it can receive data and power over a single Ethernet network cable.
1 Introduction Organization Organization This table describes the contents of each chapter in this document. Chapter Title Description “Introduction” on page 6 Introduces the access point and its capabilities. “Planning Your Wireless Network” on page 8 Describes how to connect the access point to the network. “Getting to Know the Wireless-N Access Point” on page 13 Describes the physical features of the access point.
2 Planning Your Wireless Network Network Topology A wireless network is a group of computers, each equipped with one or more wireless adapters. Computers in a wireless network must be configured to share the same radio channel to talk to each other. Several computers equipped with wireless cards or adapters can communicate with each other to form an ad-hoc network without the use of an access point.
Planning Your Wireless Network Network Layout 2 Network Layout The Wireless-N Access Point has been designed for use with 802.11n, 802.11g and 802.11b products. The access point is compatible with 802.11n, 802.11g and 802.11b adapters, such as the notebook adapters for your laptop computers, PCI adapters for your desktop PCs, and USB adapters for all PCs when you want to enjoy wireless connectivity. These wireless products can also communicate with a 802.11n, 802.11g or 802.
Planning Your Wireless Network Example of a Simple Wireless Network 2 Example of a Simple Wireless Network The diagram below shows a typical infrastructure wireless network setup. In this illustration, the switch connects to a router that connects to the Internet. The network provides connectivity among wireless network devices and computers that have a wired connection to the switch. The wireless access points connect to a Cisco switch that provides them with power.
2 Planning Your Wireless Network Protecting Your Network Protecting Your Network Wireless networks are easy to find. Hackers know that to join a wireless network, wireless networking products first listen for “beacon messages.” These messages can be easily decrypted and contain much of the network’s information, such as the network’s SSID (Service Set Identifier).
2 Planning Your Wireless Network Protecting Your Network - Use “Shared Key” authentication. - Change your WEP key regularly. • WPA/WPA2 Personal—The WPA-Personal and WPA2-Personal methods offer two encryption methods, TKIP and AES, with dynamic encryption keys. • WPA /WPA2 Enterprise—The WPA-Enterprise and WPA2-Enterprise option requires that your network has a RADIUS server for authentication.
3 Getting to Know the Wireless-N Access Point This chapter describes the external features of the Cisco WAP4410N Access Point. Front Panel The access point’s front panel lights display information about network activity. • POWER Light—(Green) Lights up and remains lit when the device is powered on. • PoE Light—(Green) Lights up when the access point is powered through an Ethernet cable. • WIRELESS Light—(Green) Lights up when the wireless module is active on the access point.
Getting to Know the Wireless-N Access Point Back Panel 3 Back Panel The back panel of the device consists of: • RESET Button—There are two ways to reset the access point to the factory default configuration. Either press the Reset button for approximately 10 seconds or restore the defaults using the web-based utility of the access point. • ETHERNET Port—Connects to Ethernet network devices, such as a switch or router.
4 Connecting the Cisco WAP4410N Access Point This chapter describes how to place and connect the Cisco WAP4410N access point to your network. Depending on your application, you might want to set up the device first before mounting it. Placement Options You can place the Cisco WAP4410N horizontally on its rubber feet, vertically in a stand, or mount it on the wall. Desktop Option For desktop mounting, place the access point horizontally on a surface so it sits on its four rubber feet.
4 Connecting the Cisco WAP4410N Access Point Placement Options Wall-Mount Option To mount the Cisco WAP4410N access point on a wall, follow these steps. STEP 1 Determine where you want to mount the device and install two screws (not supplied) that are 2-15/16 inches apart (approximately 7.46 cm.). STEP 2 With the back panel pointing up (if installing vertically), line up the Cisco WAP4410N Access Point so that the wall-mount crisscross slots on the bottom of the access point line up with the two screws.
Connecting the Cisco WAP4410N Access Point Connecting the Cisco WAP4410N Access Point to the Network 4 Connecting the Cisco WAP4410N Access Point to the Network You can connect the Cisco WAP4410N access point to your network in one of the following ways: • Using a PoE Switch or Router • Using a Standard Switch or Router Using a PoE Switch or Router To connect the Cisco WAP4410N to your network using a PoE switch or router, connect the Ethernet port of the access point to a PoE port on the PoE switch.
Connecting the Cisco WAP4410N Access Point Connecting the Cisco WAP4410N Access Point to the Network 4 The lights on the front panel light up as soon as the Cisco WAP4410N Access Point powers on. Using a Standard Switch or Router To connect the Cisco WAP4410N to your network using a standard switch or router, follow these steps. STEP 1 Use the supplied Ethernet cable to connect the Ethernet port of the access point to an Ethernet port on the switch.
5 Setting Up the Cisco WAP4410N Wireless-N Access Point The Cisco WAP4410N access point works with the default settings. However, you can change these settings to suit your needs by accessing the access point using a web-based configuration utility. NOTE Make sure that you have enabled TCP/IP on your computers prior to proceeding. Computers communicate over the network with this protocol. Launching the Web-Based Configuration Utility The firmware v2.0.0.
Setting Up the Cisco WAP4410N Wireless-N Access Point Navigating the Utility 5 c. The wireless access points can be accessed and managed by Cisco Small Business network tools and services including the Cisco FindIT Network Discovery Utility that enables you to automatically discover all supported Cisco Small Business devices in the same local network segment as your computer. You can get a snapshot view of each device or launch the product configuration utility to view and configure the settings.
Setting Up the Cisco WAP4410N Wireless-N Access Point Navigating the Utility 5 Setup This page allows you to configure the host name and IP address settings and to set the time. • Basic Setup—Configures the host name and IP address settings for this access point. • Time—Sets the time on this access point. • Advanced—Sets the HTTP Redirect and 802.1x supplicant settings for this access point. Wireless This page allows you to enter a variety of wireless settings for the access point.
Setting Up the Cisco WAP4410N Wireless-N Access Point Navigating the Utility 5 • Log—Configures the log settings. • Diagnostics—Allows you to perform diagnostic activities, which can be useful in solving network problems. • Factory Default—Resets the access point to its factory default settings. • Firmware Upgrade—Upgrades the access point’s firmware on this screen. • Reboot—Reboots the access point. • Configuration Management—Saves and restores access point configuration.
6 Configuring the Cisco WAP4410N Wireless-N Access Point This chapter describes how to configure your Cisco WAP4410N access point using the web-based configuration utility. The web-based configuration utility contains the following topics which are described in this chapter. • Setup • Wireless • AP Mode • Administration • Status Setup The Setup section describes how to configure the general settings of the access point.
Configuring the Cisco WAP4410N Wireless-N Access Point Setup 6 Basic Setup The Setup > Basic Setup page displays the general settings of the access point. You can configure the following basic setup settings: • “Configuring Device Setup Settings” on page 24 • “Configuring Network Setup Settings” on page 24 Configuring Device Setup Settings To configure the device setup settings of the access point, follow these steps: STEP 1 Click Setup > Basic Setup.
Configuring the Cisco WAP4410N Wireless-N Access Point Setup 6 STEP 1 Click Setup > Basic Setup. STEP 2 From the IP Settings drop-down menu, select one of the following options: • Static IP Address—Select this option to assign a static or fixed IP address to the access point. • Automatic Configuration—Select this option to automatically configure the IPv4 network settings of the access point using a DHCP server on your network.
Configuring the Cisco WAP4410N Wireless-N Access Point Setup 6 Time The Setup > Time page displays the time settings of the access point. By setting up the correct time, you can help your network administrator search the system log to identify problems. By default, the WAP is configured to obtain its time from a predefined list of NTP servers. To otherwise configure the time settings for the access point, follow these steps: STEP 1 Click Setup > Time. STEP 2 To manually configure the time settings: a.
Configuring the Cisco WAP4410N Wireless-N Access Point Setup 6 Advanced The Setup > Advanced page displays advanced settings. To configure the advanced setup settings of the access point, follow these steps: STEP 1 Click Setup > Advanced. STEP 2 The LAN Port Speed Settings configure settings for the port that physically connects the WAP device to a local area network. a. If the WAP device has compatibility issues with your switch, enable Force LAN Port Speed to 100M. The default is Disabled. b.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 c. To use a name and password for authentication, click Authentication via Name and Password and enter the name and password in the corresponding fields. STEP 6 Click Save. Wireless The Wireless section describes how to configure the wireless settings of the access point. Basic Settings The Wireless > Basic Settings page displays the basic wireless network settings.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 You can also select Auto from the Wireless Channel drop-down menu so that your access point selects the channel with the lowest amount of wireless interference while the system is powering up. Automatic channel selection starts when you click Save. It takes several seconds to scan through all the channels to find the best channel.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 Security The Wireless > Security page displays the wireless security settings of the access point. To configure the wireless security settings of the access point, follow these steps: STEP 1 Click Wireless > Security. STEP 2 To configure wireless isolation between SSIDs: a. From the Select SSID drop-down menu select an SSID. b. To isolate wireless clients from each other, click Enabled. Otherwise, click Disabled.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 Configuring WPA-Personal Wi-Fi Protected Access (WPA) Personal (WPA-Personal) is a security standard stronger than WEP encryption and forward compatible with IEEE 802.11e. WPAPersonal is also known as WPA-PSK. To enable wireless WPA-Personal security, follow these steps: STEP 1 Click Wireless > Security. STEP 2 From the Security Mode drop-down menu, select WPA-Personal. STEP 3 To enable wireless isolation within the SSID, click Enabled.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless • 6 Key Renewal—Enter a key renewal timeout period, which instructs the access point how often it should change the encryption keys. The default is 3600 seconds. STEP 5 Click Save. Configuring WPA2-Personal Mixed This security mode supports the transition from WPA-Personal to WPA2-Personal. You can have client devices that use either WPA-Personal or WPA2-Personal.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 Configuring WPA-Enterprise The WPA-Enterprise mode features WPA used in coordination with a RADIUS server for client authentication. ! CAUTION Use this mode only when a RADIUS server is connected to the access point. To enable wireless WPA-Enterprise security, follow these steps: STEP 1 Click Wireless > Security. STEP 2 From the Security Mode drop-down menu, select WPA-Enterprise.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 Configuring WPA2-Enterprise The WPA2-Enterprise mode features WPA2 used in coordination with a RADIUS server for client authentication. ! CAUTION Use this mode only when a RADIUS server is connected to the access point. To enable wireless WPA2-Enterprise security, follow these steps: STEP 1 Click Wireless > Security. STEP 2 From the Security Mode drop-down menu, select WPA2-Enterprise.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 Configuring WPA2-Enterprise Mixed This security mode supports the transition from WPA-Enterprise to WPA2Enterprise. You can have client devices that use either WPA-Enterprise or WPA2Enterprise. The access point will automatically choose the encryption algorithm used by each client device. ! CAUTION Use this mode only when a RADIUS server is connected to the access point.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 Configuring RADIUS This option features a RADIUS server for client authentication. ! CAUTION Use this mode only when a RADIUS server is connected to the access point. To enable wireless Remote Authentication Dial-In User Service (RADIUS) security, follow these steps: STEP 1 Click Wireless > Security. STEP 2 From the Security Mode drop-down menu, select RADIUS. STEP 3 To enable wireless isolation within the SSID, click Enabled.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 To enable wireless Wired Equivalent Privacy (WEP) security, follow these steps: STEP 1 Click Wireless > Security. STEP 2 From the Security Mode drop-down menu, select WEP. STEP 3 To enable wireless isolation within the SSID, click Enabled. STEP 4 Provide the following information: • Authentication Type—Choose Open System or Shared Key as the 802.11 authentication type. The default is Open System.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 There are two ways to control the connection (association) of wireless client devices. You can either prevent specific devices from connecting to the access point, or you can allow only specific client devices to connect to the access point. The client devices are specified by their MAC addresses. The default is to allow only specific client devices. STEP 3 To add a MAC address to the connection control list, click Wireless Client List.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 STEP 1 Click Wireless > Connection Control. STEP 2 Click Disabled. STEP 3 Click Save. Wi-Fi Protected Setup The Wireless > Wi-Fi Protected Setup page allows you to configure the Wi-Fi Protected Setup (WPS) settings for the access point.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 The Quality of Service (QoS) feature allows you to specify priorities for different types of traffic. Lower priority traffic is slowed to allow greater throughput or less delay for high priority traffic. The 802.1Q VLAN feature allows traffic from different sources to be segmented. Combined with the multiple SSID feature, this provides a powerful tool to control access to your network.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 Advanced Settings The Wireless > Advanced Settings page allows you to configure the advanced wireless and load balancing settings for the access point. The access point uses several parameters to adjust the channel bandwidth and guard intervals to improve the data rate. We recommend you let your access point automatically adjust the parameters for maximum data throughput. STEP 1 Click Wireless > Advanced.
Configuring the Cisco WAP4410N Wireless-N Access Point Wireless 6 WAP4410N sends multicast and broadcast messages every 1 beacon interval, if the Beacon Interval field is set with the default of 100ms. Lower settings result in more efficient networking, while preventing your computer from dropping into power-saving sleep mode. Higher settings allow your computer to enter the sleep mode, thus saving power, but interferes with wireless transmissions. • RTS Threshold—Enter an RTS threshold (1–2347).
Configuring the Cisco WAP4410N Wireless-N Access Point AP Mode 6 AP Mode The AP Mode page displays the AP mode settings for the access point. To configure the AP mode of the access point, follow these steps: STEP 1 Click AP Mode > AP Mode. STEP 2 Configure the AP Mode settings. • Access point—Select to let the device operate as a normal access point.
Configuring the Cisco WAP4410N Wireless-N Access Point Administration 6 - Not in Legal AP List—Check to flag any access point not listed in the Legal AP List as a rouge access point. If you check this check box, you must maintain the Legal AP List. - Define Legal AP—Click to open a sub-screen where you can modify the Legal AP List. This list must contain all known access points. You must maintain this list. STEP 3 Click Save.
Configuring the Cisco WAP4410N Wireless-N Access Point Administration • - Web HTTPS Access—Enable HTTPS if needed. The default is Disabled. - Wireless Web Access—Allow or deny wireless clients to access webbased utility. The default is Disabled. Remote Console—Enable Secure Shell (SSH) to exchange data over a secure channel between two computers. - • 6 Secure Shell (SSH)—Enable SSH if needed. The default is Disabled.
Configuring the Cisco WAP4410N Wireless-N Access Point Administration 6 Log The Administration > Log page allows you to have logs that keep track of the access point’s activities. STEP 1 Click Administration > Log. STEP 2 Configure the log settings. • • Email Alert - E-Mail Alert—If you want the access point to send e-mail alerts in the event of certain attacks, click Enabled. The default is Disabled.
Configuring the Cisco WAP4410N Wireless-N Access Point Administration 6 STEP 3 Click Save. Diagnostics The Administration > Diagnostics page allows you to use the access point to perform a ping. The activity can be useful in solving network problems. To perform a ping test to help diagnose problems with the access point, follow these steps: STEP 1 Click Administration > Diagnostics. STEP 2 Set up the ping test: • IP or URL Address—Enter the IP address you want to ping.
Configuring the Cisco WAP4410N Wireless-N Access Point Administration 6 Factory Default The Administration > Factory Default page allows you to restore the access point’s factory default settings. Note any custom settings before you restore the factory defaults. Once the access point is reset, you will have to re-enter all of your configuration settings. STEP 1 Click Administration > Factory Default. STEP 2 Click Yes to restore the factory default settings. STEP 3 Click Save.
Configuring the Cisco WAP4410N Wireless-N Access Point Administration 6 d. In the File field, enter the location of the firmware upgrade file or click the Browse button to locate the file. e. Click Upgrade and follow the on-screen instructions. STEP 3 Re-enter all of your custom configuration settings. Reboot The Administration > Reboot page allows you to reboot the access point. To reboot the access point, follow these steps: STEP 1 Click Administration > Reboot.
Configuring the Cisco WAP4410N Wireless-N Access Point Status 6 SSL Certification Management To generate the certificate with the WAP device, click Export Certificate. Generating a new SSL certificate restarts the secure Web server. The secure connection will not work until the new certificate is accepted on the browser. If an SSL certificate (with a .pem extension) exists on the WAP device, you can install it to your computer as a backup. Browse to the certificate file and click Install Certificate.
Configuring the Cisco WAP4410N Wireless-N Access Point Status 6 - Primary DNS—The IP address of your primary DNS server. - Secondary DNS—The IP address of your secondary DNS server. STEP 2 To update the status information, click Refresh. Wireless The Status > Wireless page displays the access point’s current status information for the wireless network. To check wireless network status of the access point, follow these steps: STEP 1 Click Status > Wireless.
Configuring the Cisco WAP4410N Wireless-N Access Point Status 6 System Performance The Status > System Performance page displays the access point’s status information for its current settings and data transmissions. To check system performance of the access point, follow these steps: STEP 1 Click Status > System Performance. This page displays the access point’s system performance values: • • Wired—The statistics for the wired network. - IP Address—The access point’s local IP address.
Configuring the Cisco WAP4410N Wireless-N Access Point Status 6 - Bytes Sent—The number of bytes sent for each wireless network. - Error Packets Received—The number of error packets received for each wireless network. - Drop Received Packets—The number of packets being dropped after they were received. STEP 2 To update the system performance status information, click Refresh.
A Troubleshooting This appendix provides solutions to problems that might occur during the installation and operation of the Cisco WAP4410N Access Point. Read the descriptions below to help solve your problems. If you can't find an answer here, check the Cisco.com website at www.cisco.com/en/US/support/ tsd_cisco_small_business_support_center_contacts.html. Frequently Asked Questions Q. Can the access point act as my DHCP Server? No.
A Troubleshooting Q. What is the IEEE 802.11b standard? It is one of the IEEE standards for wireless networks. The 802.11b standard allows wireless networking hardware from different manufacturers to communicate, provided that the hardware complies with the 802.11b standard. The 802.11b standard states a maximum data transfer rate of 11Mbps and an operating frequency of 2.4 GHz. Q. What is the IEEE 802.11g standard? It is one of the IEEE standards for wireless networks. The 802.
A Troubleshooting The Cisco WAP4410N Access Point supports the following IPv6 Applications: Q. - WEB/SSL - SNTP - PING6 - TRACE Route What is roaming? Roaming is the ability of a portable computer user to communicate continuously while moving freely throughout an area greater than that covered by a single access point. Before using the roaming function, the workstation must make sure that it is set to the same channel number as the access point of the dedicated coverage area.
A Troubleshooting Q. What is the ISM band? The FCC and their counterparts outside of the U.S. have set aside bandwidth for unlicensed use in the ISM (Industrial, Scientific and Medical) band. Spectrum in the vicinity of 2.4 GHz, in particular, is being made available worldwide. This presents a truly revolutionary opportunity to place convenient high speed wireless capabilities in the hands of users around the globe. Q.
A Troubleshooting Q. Would the information be intercepted while transmitting on air? WLAN features two-fold protection in security. On the hardware side, as with Direct Sequence Spread Spectrum technology, it has the inherent security feature of scrambling. On the software side, the WLAN series offers a variety of wireless security methods to enhance security and access control. Users can set it up depending upon their needs. Q.
A Troubleshooting Q. Does the access point function as a firewall? No. The access point is only a bridge from wired Ethernet to wireless clients. Q. I have excellent signal strength, but I cannot see my network. Wireless security, such as WEP or WPA, is probably enabled on the access point, but not on your wireless adapter (or vice versa). Verify that the same wireless security settings are being used on all devices in your wireless network. Q.
A Troubleshooting TCP/IP Before a computer can communicate with the access point, TCP/IP must be enabled. TCP/IP is a set of instructions, or protocol, all computers follow to communicate over a network. This is true for wireless networks as well. Your computers will not be able to utilize wireless networking without having TCP/IP enabled. Windows Help provides complete instructions on enabling TCP/IP.
B Where to Go From Here Cisco provides a wide range of resources to help you and your customer obtain the full benefits of the Cisco WAP4410N Wireless-N Access Point with Power over Ethernet. Support Cisco Small Business Support Community www.cisco.com/go/smallbizsupport Cisco Small Business Support and Resources www.cisco.com/go/smallbizhelp Phone Support Contacts www.cisco.com/en/US/support/ tsd_cisco_small_business _support_center_contacts.html Cisco Small Business Firmware Downloads www.cisco.
B Where to Go From Here Cisco Small Business Cisco Partner Central for Small Business (Partner Login Required) www.cisco.com/web/partners/sell/smb Cisco Small Business Home www.cisco.
