© Copyright 2006 Compex Systems Pte Ltd All Rights Reserved This document contains information that is protected by copyright. Reproduction, adaptation, or translation without prior permission is prohibited, except as allowed under copyright laws. Trademark Information Compex®, ReadyLINK® and MicroHub® are registered trademarks of Compex, Inc. Microsoft Windows and the Windows logo are trademarks of Microsoft Corp. NetWare is the registered trademark of Novell Inc.
FCC Compliance Statement This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: 1. This device may not cause harmful interference, and 2. This device must accept any interference received, including interference that may cause undesired operation. Declaration of Conformity Compex, Inc.
Technical Support Information The warranty information and registration form are found in the Quick Install Guide. For technical support, you may contact Compex or its subsidiaries. For your convenience, you may also seek technical assistance from the local distributor or from the authorized dealer/reseller that you have purchased this product from. For technical support by email, write to support@compex.com.sg. Refer to the table below for the nearest Technical Support Centre.
About This Document This document may be superseded, in which case you may find its latest version at: http://www.compex.com.sg The product described in this document, Wireless 54Mbps A+G Dualband Access Point with Integrated PoE, NetPassage WP18 is a licensed product of Compex Systems Pte Ltd. This document contains instructions for installing, configuring and using Compex NetPassage WP18. It also gives an overview of the key applications and the networking concepts with respect to the product.
TABLE OF CONTENTS © COPYRIGHT 2006 COMPEX SYSTEMS PTE LTD...................................... I TRADEMARK INFORMATION .......................................................................... I DISCLAIMER ......................................................................................................... I YOUR FEEDBACK................................................................................................. I FCC NOTICE ........................................................................
How to Setup WPA Enterprise Modes .................................................................45 How to Setup WPA Personal ...............................................................................46 ADVANCED WLAN SETTINGS ..........................................................................47 LONG DISTANCE PARAMETERS ......................................................................49 WMM ....................................................................................................
To Setup a De-Militarised Zone Host ................................................................107 To Setup Port Forwarding .................................................................................109 IP Forwarding ...................................................................................................114 ROUTING .............................................................................................................116 Static Routing..............................................
HOW IT WORKS..................................................................................................165 Appendix C: Troubleshooting................................................................... 166 SOLUTIONS TO COMMON PROBLEMS..........................................................166 Appendix D Command Line Interface Commands ................................. 170 Appendix E Glossary of Terms..................................................................
Chapter 1: Introduction Introducing the access point T His access point is a Wireless 54Mbps A+G Dualband Access Point. It doesn’t just operate in wired network environments, it also upholds simultaneous IEEE802.11a and IEEE802.11b/g connections, as is often required in hotspots and other public Internet access deployment. Advanced Features New 54Mbps 802.11a & 802.11g 5X faster than 802.11b! Secure your wireless data transmissions with WPA protocol, IEEE 802.
Chapter 2: Getting to know the Access Point The following will help you get more acquainted with the rich suite of features offered by the access point so that you are better able to exploit your access point’s full potential. * Key features Point-to-Point & Point-to-MultiPoint Support Point-to-Point and Point-to-MultiPoint communication between different buildings enables you to bridge wireless clients that are kilometres apart while unifying the networks. Supports 2 Slots for 802.11a/b/g and 802.
Easy Management & Configuration You can browse or uConfig to the web interface of the access point for effortless configuration. Additionally, you can make use of these features: • The access point supports HTTPS (SSL) in addition to the standard HTTP. HTTP (SSL) features additional authentication and encryption for secure communication. • Telnet allows a computer to remotely connect to the access point CLI (Command Line Interface) for control and monitoring.
Security Features Security elements have been put in place to better protect your data and privacy. WPA (Wi-Fi Protected Access) Standard & 802.1x Authentication The access point supports the WPA standard for enhanced security in your wireless network. The WPA protocol combines two mechanisms: Dynamic Key Encryption and Mutual Authentication for enhanced security in the wireless LAN. This combination ensures that all users are authenticated through a central authority before being allowed network access.
Additional Features These features reveal the comprehensive range of advanced routing functionalities. Static IP, Dynamic IP, PPPoE, PPTP, and L2TP WAN types Whether you have subscribed to fixed IP, dynamic IP, PPPoE, PPTP, or L2TP, you can use the access point for broadband cable /ADSL Internet connection sharing. Parallel Broadband The unique Parallel Broadband technology features improved load balancing and fail-over Internet connectivity.
Panel Views The access point can either be placed standing upright on the 2 rest feet included or mounted onto a wall. LED indicators denoting network status and activity are situated on the front edge of the access point for easy visibility. Notice: Actual product appearance may slightly differ depending on the hardware version.
Front View 7 8 9 10 11 12 11
Panel Description Name 1 2 3 4 Power (LED) WAN (Link/Activity LED) WLAN (1), (2) (Link/Activity LED) 1, 2, 3, 4 (Link/Activity/Speed LEDs) Description Steady Green Off The device is powered up. No power is supplied to the device. Steady Green Flashing Green The WAN connection is ON. Steady Green Wireless interface up and running. Ready for operation. Flashing Green Activity is detected in the wireless network. Data transmission connection.
6 Rest Feet 7 External Antennas These rest feet hold the access point in the standing position. SMA antennas 8 R232 (Integrated Serial Interface) Not in use. Reserved for future update. 9 WAN (Ethernet Port) 10/100Base-T Port connects to Cable/ADSL modem. 10 1, 2, 3, 4 (Ethernet Ports) Integrated 3-port 10/100Mbps Switching. Ports 1, 2, 3, and 4 all function as normal Ethernet ports except that Port 4 supports PoE connection.
! NOTE: Although the Ethernet ports are numbered 1 to 4, they DO NOT have to be connected sequentially. For example: in a network of two computers, you can choose to connect one computer to Port 2 and another to Port 4.
Chapter 3: Hardware Setup The access point can be powered using either the power adapter, or PoE * or IEEE 802.3af PoE. The installation process for the three options is described below. Option 1: Using Power Adapter to Supply Power Before attaching a pair of external antennas to the access point, take note of the ‘A’ marking on one of the two antennas. Connect the singleband G antenna to Ant-2 on the RIGHT. The antenna with the ‘A’ marking is the Dualband AG Antenna.
Insert one end of the RJ45 Ethernet cable to any of the LAN ports (1, 2, 3, or 4) on the access point and the other end to your PC’s Ethernet network adapter. PC Attach the power adapter to the main electrical supply and connect the power plug into the socket of the access point. Power on your PC. Notice that the Power and the corresponding port LEDs have lighted up. This indicates that connection has been established successfully between the access point and your PC.
Option 2: Using PoE to Supply Power PoE (Power-Over-Ethernet) can be used to power the access point. This accessory supplies operational power to the wireless access point through the Ethernet cable connection and is available separately. If you wish to use PoE to supply power to the access point, follow the steps below: Follow the steps described in Option One. Connect one end of an RJ45 Ethernet cable to LAN OUT port of the PoE Injector and the other end to Port 4 of the access point.
Connect the RJ45 Ethernet cable attached to the PoE Injector to your PC’s Ethernet network adapter. Once you have finished configuring the access point, you can connect the PoE Injector’s RJ45 Ethernet cable to your network device, such as a switch or a hub. Connect the power adapter supplied in the PoE kit to the main electrical supply and the power plug into the socket of the injector. Note: DO NOT interchange the access point and PoE power adapters. The voltage and current supply is incompatible.
Turn on your power supply. Notice that the Power LEDs have lighted up. This indicates that the access point is receiving power through the PoE Injector. Notice also that the Port 4 LEDs have lighted up. This indicates that connection between the access point and your PC has been established.
Chapter 4: Accessing the Web Interface This chapter consists of the following: Overview of alternatives to access the web interface How to uConfig to the web interface How to browse to the web interface Overview of alternatives The access point can be configured with the web interface. After connecting the access point to your PC, there are two methods of accessing its web interface: Installing and running the uConfig utility. Changing your web browser settings.
After installation, your PC will automatically detect connected products. Double-click on the uConfig utility icon to run the program. Running uConfig 1 1. Ensure that the access point is selected under the Products List. 2. Click on Open Web. This opens the access point login screen. 2 This screen prompts you not to exit uConfig while accessing the web interface or else connection to the device will fail. Click on the OK button to proceed.
How to Browse to the Web Interface Browsing to the web interface Open your Command prompt window and type in: ping 192.168.168.1 to verify that your PC can communicate with the access point. If your TCP/IP settings are correct, you will get replies to this ping command. 1. 2. 3. 4. 1. At the address http://192.168.168.1 bar, Launch your web browser. Under the Tools tab, select Internet Options. Open the Connections tab. In the LAN Settings section, disable all the option boxes. type: 2.
Chapter 5: Setting up a WLAN This chapter applies exclusively to Wireless Setup (a/b/g) and Wireless Setup (b/g). Wireless Setup (a/b/g) supports IEEE 802.11a, IEEE 802.11b only, IEEE 802.11b/g mixed, and IEE 802.11g only wireless LAN connections. Wireless Setup (b/g) supports IEEE 802.11b only, IEEE 802.11b/g mixed, and IEE 802.11g only wireless LAN connections.
Operation Modes Access Point Mode This is the default mode of your access point. The Access Point mode enables you to bridge wireless clients to access the wired network infrastructure and to communicate with each other. In the example above, the wireless users will be able to access the file server connected to the switch through the access point in Access Point mode.
Client Mode In Client mode, the device acts as a wireless Client. When connected to an access point, it will create a network link between the Ethernet network connected at this Client device, and the wireless and Ethernet network connected at the access point. In this mode it can only connect with an access point.
Wireless Routing Client Mode An application of this mode would be for the Ethernet port of the Wireless Routing Client to be used for connection with other devices on the network while access to the Internet would be achieved through wireless communication with wireless ISP. The above illustration describes how this mode operates. Optional additional feature: Point-to-Point connection in this operation mode is also supported if you specifically wish to connect with an AP only.
Transparent Client Mode In Transparent Client Mode, the access point provides connection with an AP * acting as Root AP. This operation mode is designed for implementation of Point-to-Point and Point-to-MultiPoint connections. Point-to-Point An access point acts as Root AP and 1 other access point acts as Transparent Client. Point-to-MultiPoint An access point acts as Root AP and several other access point acts as Transparent Clients.
Difference Between other client modes and Transparent Client Mode Other client modes Connectivity with any standard APs. All devices connected to the Ethernet ports use a common MAC address for communications with the AP. Transparent Client Mode Connectivity with RootAP-supported APs. Devices connected to the Ethernet ports flow through freely and transparently without the MAC address restriction.
To Set Up a Wireless LAN Follow these steps to setup your wireless LAN. WLAN Setup (a/b/g) 1 Click on WLAN Setup(a/b/g) from the CONFIGURATION menu. 2 Select Basic to make changes. If you disable the card, you will not be able to use the features of this wireless card. If you wish to disable the card, click on the Click to Disable This Wireless Card button. Click Reboot in Reboot System page. Rebooting page displays and machine reboots.
3 The access point supports wireless LAN connectivity that is fully compliant with the IEEE 802.11g, IEEE 802.11a, and IEEE 802.11b standards. It also employs different security modes to secure the data transmission of the wireless clients within your network. The Current Mode is defaulted to Access Point. To change the mode, click on the 4 To change the wireless mode, make a selection from the dropdown box.
Wireless mode : Select from the list of wireless modes available: 802.11a (not supported by WLAN Setup for b/g) This mode supports wireless A clients with data rates of up to 54Mbps in the frequency range of 5GHz. 802.11b only This mode supports wireless B clients with data rates of up to 11Mbps in the frequency range of 2.4Hz. 802.11g only This mode supports wireless G clients with data rates of up to 54Mbps in the frequency range of 2.4Hz. Country : Channel : Tx Rate : 802.
Point-to-Point & Point-to-MultiPoint Setup You can implement Point-to-Point connection by simply setting one access point as RootAP in Access Point mode and setting the other access points to Transparent Client mode. You can set a root access point and a transparent client to allow pointto-point communication between different buildings and enable you to bridge wireless clients that are kilometres apart while unifying the networks.
RootAP Step 2: Select Act as RootAP, click on the Apply button and reboot your device to let your changes take effect.
Follow these steps to setup Transparent Client/s. Transparent Client Step 1: Click on WLAN Setup from the CONFIGURATION menu. You will see the sub-menus expanded under WLAN Setup. Click on Basic. Ensure that The Current Mode is set to Transparent Client. To change The Current Mode, please refer to: Common Configuration – WLAN Setup - To Configure the Basic Setup of the Wireless Mode.
Transparent Client Step 2: Select the Remote AP MAC checkbox. Enter the Remote AP MAC. Note: When using Remote AP MAC, the ESSID name must also match the AP’s ESSID name, especially when Closed System is enabled on the AP. Repeat Transparent Client step to add more points to the Point-toMultiPoint connection.
Channel Survey Follow these steps to perform a channel survey to get the recommended channel for the access point. Channel Survey 1 Click on WLAN Setup(a/b/g) from the CONFIGURATION menu. 2 Click Channel Survey to perform a channel survey. 3 The Channel Survey Status page displays with the recommended channel. In this page you may: • Select channel to apply. • Click Apply to apply selected channel. • Click Refresh to perform another channel survey. • Click Back if you do not wish to make any changes.
Channel Survey This table describes the read-only parameters of all channels that can be viewed from the Channel Survey page. Description Parameters Freq : Refers to the frequency of the channel at which your access point is operating. Channel : Refers to the channel of the access point being used for transmission depending on its origin of country. MyQuality : Indicates the interference level of respective channel with this AP. The lower the value, the less interference.
How to Make Your WLAN More Secure All your network clients MUST share the same wireless settings as the access point to be able to communicate. The access point offers 8 types of security modes: WEP Short for Wired Equivalent Privacy, WEP is a security protocol basing on a secret key to encrypt data packets before they are transmitted. You MUST remember to apply the same WEP settings and key to the access point as well as to all your wireless clients. 802.1x This mode conforms to the IEEE 802.
WPA2 Enterprise WPA2 Enterprise mode implements the full IEEE 802.11i standard and 802.1X authentication. There MUST be a RADIUS server on your LAN for this security mode to function. WPA Auto Personal WPA Auto Personal mode implements a shared network password for clients and access points and if there are no WPA enabled access points available with the given SSID in WPA Personal mode, the unit will attempt to associate with a non-WPA point with the given SSID, if available.
The subsequent sections illustrate how to configure each security mode. Begin with following the two common preliminary steps shown below to select the most appropriate security mode to protect your wireless communications. Selecting a security mode 1 Click on WLAN Setup(a/b/g) from the CONFIGURATION menu. Select Security. 2 1. Make a selection from the Security Mode drop down menu. The Security Mode is disabled by default. 2. Click on Apply.
How to Setup WEP WEP 1 You can define up to 4 WEP keys. For each key, you can specify: The Key Entry Method, by selecting either: Hexadecimal ASCII text The encryption level, from the dropdown list: 64-bit 128-bit Click Edit to set the keys, and then click Apply.
2 For hexadecimal key entry: 1. Select the Hex radio button. 2. Select the radio button of the key to be entered. 3. Select the key encryption mode from the drop down menu. 4. Fill in the key value. A hexadecimal value is made of digits 0-9 and letters A-F, and is NOT case-sensitive. For 64-bit encryption: Your WEP key has to be 10 hex digits long. For 128-bit encryption: Your WEP key has to be 26 hex digits long. 5. Click on Apply. 6.
3 For ASCII key entry: 1. Select the ASCII radio button. 2. Select the radio button of the key to be entered. 3. Select the key encryption mode from the drop down menu. 4. Fill in the key value. An ASCII value can take in any alphanumeric character and is NOT case-sensitive. For 64-bit encryption: Your WEP key has to be 5 characters long. For 128-bit encryption: Your WEP key has to be 13 characters long. 5. Click on Save. 6.
How to Setup 802.1x 802.1x 1 1. Key in the IP address of the Primary RADIUS Server in your WLAN. Optional: You may also key in a Secondary RADIUS Server, if any. Note: The RADIUS server MUST be in the same subnet as the access point. 2. The Authentication Port is preset as 1812, but another port number can be used. Note: The Authentication Port MUST match the corresponding port of the RADIUS server. 3. Enter the Shared Secret Key, known only to you and the RADIUS server. 4.
How to Setup WPA Enterprise Modes Follow these steps to setup the access point to use WPA Enterprise, WPA2 Enterprise, and WPA Auto Enterprise. WPA Enterprise 1 1. Select the Cipher Type to implement: • TKIP • AES • AUTO The Cipher Type is set to AUTO by default so that the access point can automatically detect which cipher type can be supported by the client. 2. Key in the IP address of the RADIUS Server in your WLAN. Note: The RADIUS server MUST be in the same subnet as the access point. 3.
How to Setup WPA Personal Follow these steps to setup the access point for using WPA Personal, WPA2 Personal, and WPA Auto Personal. WPA Personal 1 1. Fill in the Passphrase or preshared network key. 2. Select the Cipher Type to implement: • TKIP • AES • AUTO. The Cipher Type is set to AUTO by default so that the access point can automatically detect which cipher type can be supported by the client. 2 1. Click Apply. 2.
Advanced WLAN Settings Follow these steps to change the radio settings of the access point. Editing Advanced Settings 1 1. Click on WLAN Setup (a/b/g) from the CONFIGURATION menu. 2. Select Advanced. 2 1. Set the Beacon Interval (the time lapse between every beacon sent) to any value between 200 and 1000. It is preset as 200 seconds. 2. Set the Data Beacon Rate from 1 to 16384.
6. Select whether to enable Station Isolation. This security feature implements isolation, in order to prevent network clients from attacking other network clients. 7. The Antenna Control function allows you to control whether to use the: • MAIN antenna (Default) • AUX (Auxiliary) antenna OR • Diversity, to monitor the signal from each antenna and automatically switch to the one with the better signal. 8.
Long Distance Parameters It is necessary to adjust the long distance parameters, only if the distance is 100 meters and beyond. Follow these steps to change the long distance parameters of the access point. Editing Long Distance Parameters 1 1. Click on WLAN Setup (a/b/g) from the CONFIGURATION menu. 2. Select Advanced. 1. Click Long Distance Parameters.
3 1. Select whether to Enable or Disable Outdoor operation. 2. Enter Distance of the unit in meters. 3. Enter the SlotTime. 4. Enter the acknowledgement timeout. 5. Enter the CTS timeout. 6. Click Apply. This dialog box displays if the Distance entered is less than 100 meters. To view recommended long distance parameters: Click Show Reference Data button.
WMM Wireless Multimedia (WMM) is a QoS (Quality of Service) standard in IEEE802.11E that we have adopted to improve and support the user experience for multimedia, video, and voice applications by prioritizing data traffic. QoS can be realized through 4 different Access Categories (AC). Each AC type consists of an independent transmit queue, and a channel access function with its own parameters.
Follow these steps to change the setup Wireless Multimedia on your access point. Setting WMM 1 1. Click on WLAN Setup (a/b/g) from the CONFIGURATION menu. 2. Select Advanced. Click WMM Settings. 2 1. 3 Select to Enable Wireless Multimedia (WMM) 2. Enter the desired WMM parameters. Using the default parameters is recommended. 3. Click Apply to apply the WMM settings, click Default to reset all parameters to default, or click Back to discard any changes and return to WLAN Basic Setup page.
WMM Parameters (for advanced users) AIFs (Arbitrary InterFrame Space) Cwmin (Contention Window Minimum) CwMax (Contention Window Maximum) TxOp limit (Transmit Opportunity Limit) NoAck (No Acknowledgement) ACM (Admission Control Mandatory) Arbitrary Inter-Frame Space is the minimum wait time interval between the wireless medium becoming idle and the start of transmission of a frame over the network.
Statistics Follow these steps to view the WLAN detailed connections statistics per WLAN station. Statistics 1 1. Click on WLAN Setup (a/b/g) from the CONFIGURATION menu. 2. Select Statistics. 2 1. Select the WLAN connection to view statistics of. • Click Refresh to refresh the WLAN Connection List. • Click Back to return to the WLAN Basic Setup page. 3 The WLAN displays. connection’s statistics Click Back to return to WLAN Basic Setup page.
Virtual AP (Multiple SSID) Virtual AP implements mSSID (Multi-SSID) whereby a single wireless card can be setup with up to 16 virtual AP connections with different SSIDs or BSSID (Basic Service Set Identifier) and security modes. Virtual AP delivers multiple services by VLAN segmentation: making the network think there are many SSIDs available and channeling each connection through different VLANs to the respective virtual network segments on the Ethernet network.
Virtual AP 1 1. 2. Click on WLAN Setup (a/b/g) from the CONFIGURATION menu. Select Virtual AP. 2 Virtual AP List page displays. • Click Apply to register changes. • Click Clear to clear Virtual AP List. • Click Back to return to WLAN Basic Setup page. • Select the Delete option beside any Virtual APs you wish to delete. Click Add to goto add Virtual AP page. 3 1. Enter ESSID name. 2. Settings: 3. 4.
Preferred APs (Only available in Client Mode) When there is more than one AP with the same SSID, the Preferred APs function allows you define the MAC address of the APs in order of preference. The MAC address at the top of the Preferred APs list has the highest connection preference, and the MAC address at the bottom has the lowest connection preference. Follow these steps to specify your preferred APs. Preferred APs 1 1. Click on WLAN Setup (a/b/g) from the CONFIGURATION menu. 2. Select Preferred APs.
Antenna Alignment The Antenna Alignment function helps you find the best alignment for the access point antenna by measuring the quality of the signal. For best results during the antenna alignment, turn off all wireless networking devices within range of the access point except the device with which you are trying to align the antenna. Follow these steps to setup your wireless LAN. Antenna Alignment 1 1. Click on WLAN Setup (a/b/g) from the CONFIGURATION menu. 2. Select Antenna Alignment. 2 1.
Chapter 6: Configuration This chapter describes the different features of the access point and explains how to customise them to meet your network requirements. Setting up the access point in your LAN SNMP (Simple Network Management Protocol) Setup Setting Up the Access Point in Your LAN The following table lists out the parameters relevant to your LAN setup. You can replace the default settings with appropriate values to suit the needs of your LAN.
respectively, the DHCP End IP Address should be 192.168.168.X where X is any value from 2 to 254. It is preset as 192.168.168.254. DHCP Gateway IP Address Enter the IP address of the gateway to Internet or of the access point if it is the one connecting to the Internet. If your network uses multiple gateways / access points, you may set the access point as DHCP server to a LAN segment while another access point connects to the Internet or to another LAN.
Setting Up Your LAN Follow these steps to change the values and customise them for your LAN settings. LAN Setup 1 Click LAN Setup from CONFIGURATION menu. the 2 1. Amend the relevant fields in the LAN Setup page. 2. Click Apply, changes.
To View the Active DHCP Leases Follow these steps to display the active IP address leases allocated by the built-in DHCP server. To view the active DHCP leases 1 1. Click LAN Setup from the CONFIGURATION menu. 2. In LAN Setup page, go to Advanced DHCP Server Options. 3. Click Show Active DHCP leases. 2 ! The DHCP Active Leases table displays: The IP Address that has been allocated to the DHCP client. The Host Name of the DHCP client. The Hardware Address (MAC) of the DHCP client.
To Reserve Specific IP Addresses for Predetermined DHCP Clients You can reserve a fixed IP address for a predetermined client (identified by its MAC address) to exclude it from the pool of free IP addresses the DHCP server draws on for its dynamic address allocation.
3 If you do not need the DHCP server to reserve an IP address anymore, you can delete the DHCP Server Reservation: 1. Select the reserved IP address to delete. 2. Click Delete. 3. The DHCP Reservations table will refresh to reflect the changes.
Spanning Tree Protocol Spanning Tree Protocol is a link management protocol that provides path redundancy while preventing undesirable loops in the network. For an Ethernet network to function properly, only one active path can exist between two stations. Multiple active paths between stations cause loops in the network. If a loop exists in the network topology, the potential exists for duplication of messages. When loops occur, some switches see stations appear on both sides of the switch.
STP Status: Spanning Tree Protocol (STP) function makes your network more resilient to link failure and avoids loop formation. Priority: Specify the priority given to the AP. This value determines which access point acts as the central reference point, or Root AP, for the STP system — the lower the priority value, the more likely the access point is to become the Root AP.
MAC Filtering MAC Filtering acts as a security measure by controlling the users accessing to the network through their MAC address. Each WLAN or radio card supports up to 16 virtual access points and has its own MAC address listing. The client MAC addresses entries can be set apply to all, or to only selected virtual access points. ! NOTE: Only the MAC addresses of wireless clients associated with the AP are filtered.
Add a MAC address to the MAC Address List. Step 1: Select MAC Filtering from WLAN Setup(a/b/g). MAC Address Filtering page displays. In this page you may also set the MAC Filtering Status to Enable or Disable for access points and set the Policy to either Accept or Deny MAC addresses. MAC Filtering set to Enable with Policy to Accept only the MAC addresses in the MAC Filter Address List and deny all other MAC addresses.
Step 2: MAC Filter Address List page displays. Click the Add button. Step 3: Add MAC Address page displays.
Step 4: Enter the MAC Address of the client in the format xx-xx-xx-xx-xx-xx, where x can take any value in the range 0-9 or a-f. Enter the Comment. This describes the MAC Address you have entered. To apply to all virtual access points: Check Apply to All. To apply to specific virtual access point: Select the checkbox of the corresponding AP. Click the Apply button. Step 5: MAC Filter Address List page displays with updated MAC Address List.
Delete a MAC address from all access points. Step 1: Select MAC Filtering from WLAN Setup(a/b/g). MAC Address Filtering page displays. Click View Complete MAC List. (This displays the MAC Address List of the radio card.) Step 2: MAC Filter Address List page displays. Select the checkbox of the MAC address you wish to delete. Click the Delete button.
Step 3: MAC Filter Address List page displays with updated MAC Address List.
Delete a MAC address from individual access point. Step 1: Select MAC Filtering from WLAN Setup(a/b/g). MAC Address Filtering page displays. Click Edit for the corresponding access point. Step 2: MAC Filter Address List page displays. Select the checkbox of the MAC address you wish to delete. Click the Delete button.
Step 3: MAC Filter Address List page displays with updated MAC Address List.
Edit MAC address from the MAC Address List. Step 1: Select MAC Filtering from WLAN Setup(a/b/g). MAC Address Filtering page displays. Click Edit. Step 2: MAC Filter Address List page displays. Select the MAC address to edit.
Step 3: The Edit MAC Address page displays. Edit the MAC address settings accordingly. Click Save. Step 4: MAC Filter Address List page displays with updated MAC Address List.
Chapter 7: Security Configuration The Security Configuration chapter covers: Firewall Configuration Firewall Logs Packet Filtering URL Filtering Multicast Filtering The access point makes use of Packet Filtering and Stateful Packet Inspection (SPI) to examine each message entering or leaving your LAN and block those that do not satisfy your specified security criteria.
Firewall Configuration Follow these steps to configure the firewall. Firewall Configuration 1 Click Firewall Configuration from the Security Configuration menu. 2 1. Enable the firewall. You can choose the Default Low, Default Medium, or Default High security options for convenient setup. 2. Choose the type of network activity information to log for reference. Data activity arising from different types of protocol can be recorded. 3.
5. More firewall rules can be added for specific security purposes. Rule Name : Disposition : Policy Enter a unique name to identify this firewall rule. This parameter determines whether the packets obeying the rule should be accepted or denied by the firewall. Choose between Accept, or Deny. Protocols : Users are allowed to select the type of data packet from: TCP, UDP, ICMP, IGMP, or ALL.
it sends datagrams because of congestion. Redirect Informs the host of a preferred route. Time exceeded Indicates that the Time-to-Live (TTL) of an IP datagram has expired. Parameter Informs that host that there is a problem in Problem one the ICMP parameter. Timestamp Information that is from the ICMP data Request packet. Information Information that is from the ICMP data Request packet. Information Reply Information that is from the ICMP data packet.
Check Options : This parameter refers to the options in the packet header. The available selection options are abbreviated as follows: SEC – Security LSRR – Loose Source Routing Timestamp – Timestamp RR – Record Route SID – Stream Identifier SSRR – Strict Source Routing RA – Router Alert Check TTL : This parameter would let you screen packets according to their Time-To-Live (TTL) value available options are: 1. Equal 2. Less than 3. Greater than 4.
3 1. Rule Number ranges from 1 to 40. Precedence is determined in ascending order such that rule 1 takes precedence over rule 2. 2. Select whether to Deny or to Accept packets for the Disposition Policy. 3. Pick the relevant Protocol. 4. For ICMP Types, select the checkboxes according to the ICMP information for the gateway to discard/collect. 5. Similarly, the IGMP Types section lets you choose which IGMP packets to discard/ record. 6.
9. Similarly, determine Destination Port. the 10. Select from Check Options. 11. Select whether to log packets of TTL Values Equal, Less, Greater, or Not Equal to the defined TTL value. 12. Enter TTL value. 13. Click Apply settings. ! to apply NOTE: Up to 40 firewall rules can be defined, with precedence determined by the rule number. For example: If Rule 5 blocks all ICMP packets in your LAN, but Rule 6 authorises ICMP-Redirect packets in the LAN, the ICMP Redirect packets will still be blocked.
Firewall Logs As described previously, from the Firewall Configuration page the data traffic to be logged by the access point can be defined. The Firewall Log also records any UDP flooding or SYN flooding attacks on your network. Firewall Logs 1 Click Firewall Logs from the Security Configuration menu. 2 1. A firewall log entry consists of: Time at which the packet was detected by the firewall. Action, which states whether the packet was accepted or denied. Protocol type of the packet.
Packet Filtering With Packet Filtering enabled, the access point examines all outgoing packets before deciding - according to predefined rules - whether to block them or to let them pass. The setting of rules to control the network user access should be done by the system administrators.
Follow these steps to setup packet filtering. Packet Filtering 1 Click Packet Filtering from the Security Configuration menu. 2 Clicking Change select Packet Filter Type. 3 Select from three choices: Disabled, Sent, Discarded, then click Apply. The default is Disabled, allowing all packets to be sent. ` 4 Click Add. The following steps guide you through the packet filter rules that can be defined on this page. 4a). Enter Rule Name of the new packet filtering rule.
4b). From the IP Address dropdown list, select whether to apply the rule to: A Range of IP addresses. Define (From) which IP address (To) which IP address, the rule applies. A Single IP address. You need only specify the source IP address in (From). Any IP address Both (From) and (To) may be left blank. 4c). From the Destination Port dropdown list, select whether to apply the rules to: A Range of IP addresses. Define (From) which IP address (To) which IP address, the rule applies. A Single IP address.
The format is HH:MM - where HH can take any value from 00 to 23, and MM can take any value from 00 to 59. Any time Both (From) and (To) may be left blank. Click Apply, to apply the new rule. The Filtering Configuration table updates. In this example, the rule BlockCS blocks any IP address (any PCs within the network) from an application using port 27015 from Monday to Friday, 7am to 6pm.
URL Filtering The URL Filtering feature of the access point makes it easy to block certain websites from LAN users. URL Filtering 1 Click URL Filtering from the Security Configuration menu. 2 The URL Filter Type can be defined by clicking Change. Selecting Block Select Block or Allow, then click Apply. The default is Disabled, allowing all websites to be accessed. Click Add.
Selecting Allow 3 In Host Name, enter the web site address to be blocked. For example: www.objectionablewebsites.com Click Add to complete setup.
Multicast Filtering This feature lets you allow or disallow streaming over the Internet, if you have registered to ISP services providing videos and TV channel streaming. Multicast Filtering 1 Click Multicast from Configuration menu. the Security 2 Enabling video the filter streaming disallows over the Internet whereas disabling the filter would allow it. Click Apply to complete setup. Note: This feature is enabled by default.
Chapter 8: Enabling and Disabling Router The unit can operate either as: Access Point Access Point and Router (when routing is enabled) Setting Up as Router The unit operates as a router by default. Follow these steps to enable router operation support. Enable Router Click Enable Routing CONFIGURATION menu. 1 2 from the Enable Routing Capability displays. Click Enable Routing Capability.
Setting Up as Access Point Follow these steps to disable the unit as a router and switch back as an access point. Disable Router 3 1 Click WAN Setup CONFIGURATION menu. 2 Click Disable Router. from the The Disable Router Function appears. Click Disable Router again. For more details on setting up WAN, refer to Chapter 8 Router Setup – WAN Setup.
Chapter 9: Router Setup This chapter describes the different features when it is set to operate as a router. Broadband Internet Using NAT Routing Remote Management Parallel Broadband DDNS (Dynamic Domain Name System) Setup Features unsuitable for office network: Universal Plug and Play DNS (Domain Name System) Redirection ! NOTE: Universal Plug and Play and DNS Redirection features are not designed for operation in an office network.
WAN Setup The configuration for each type of broadband Internet connection is shown in the following individual sections. The system has to be restarted to effect changes in settings. Start with these common steps to set the broadband connection type. Changing the WAN Type 1 Click WAN Setup CONFIGURATION menu. from the The setup page of the WAN type last implemented will be displayed.
Static IP If you have subscribed to a specific IP address or to a fixed range of IP addresses from your ISP, follow these steps. Static IP Configuration 1 Select Static IP Address from Select WAN Type page and click Apply. 2 At the Static IP WAN Setup page: 1. Enter the IP Address, Network Mask, and Gateway IP Address provided by your ISP. 2. Click Apply. 3. Click Reboot System to restart the system and let the changes take effect.
Dynamic IP This is the default WAN Type of the access point. In this connection mode, your ISP will automatically assign its IP address. This connection mode applies to most cable Internet subscribers, for instance: Singapore Cable Vision subscribers. @HOME Cable Service users. Follow these steps to setup Dynamic IP. Dynamic IP Configuration 1 Select Dynamic IP Address as WAN Type. 2 At Dynamic IP WAN Setup page: 1.
PPPoE Select this connection type if you have subscribed to ADSL in a country utilising standard PPPoE for authentication, for instance: If you are in Germany, which uses T-1 connection. If you are a SingNet Broadband or Pacific Internet Broadband user in Singapore. These are the parameters in the PPPoE setup. PPPoE Parameter Description Username This refers to your broadband account username. Password This refers to your broadband account password.
Follow these steps to setup PPPoE. PPPoE Configuration 1 Select PPP over Ethernet from the Select WAN Type menu. 2 At the PPPoE WAN Setup page: 1. Enter your broadband Internet account parameters in the relevant fields. 2. The Status section displays connection settings such as: 1. IP Address 2. Network Mask 3. Gateway IP Address 4. Primary & Secondary DNS 3. If you are online, clicking Disconnect will disconnect your connection. 4. Click Apply. 5.
PPTP The Point-to-Point Tunneling Protocol (PPTP) enables the implementation of secure multi-protocol Virtual Private Networks (VPNs) through public networks, enabling secure remote access at lower cost. Follow these steps to setup PPTP. PPTP Configuration 1 Select PPTP as your WAN Type at Select WAN Type page. 2 At the PPTP WAN Setup page: To use Email Notification, please refer to Chapter 8: Router Setup – Broadband Internet – WAN Setup Email Notification 1. Select whether to enable DHCP. 2.
L2TP L2TP (Layer 2 Tunneling Protocol) is an extension to the PPP protocol used for Virtual Private Networks (VPNs) that supports multiple protocols and unregistered and privately administered IP addresses over the Internet. Follow these steps to setup L2TP L2TP Configuration 1 Select L2TP as your WAN Type at Select WAN Type page. 2 At the WAN L2TP Setup page: 1. 2. 3. 4. 5.
Email Notification This feature notifies you by email if there is a change in the WAN IP address. Follow these steps to setup Email Notification. Email Configuration 1 After applying WAN PPPoE Setup, WAN PPTP Setup, or L2TP. The WAN Setup screen of the WAN Type displays. (PPPoE shown in this example. Click Email Notification. 2 Click Enable and enter the following fields: Email address of Receiver: The email will be sent to this address.
Email address of Sender: This is the email address that will appear as the sender. Needs Authentication specifies whether the SMTP server requires authentication, and is not selected by default. Click Apply.
MAC Address Cloning The access point has the ability to clone MAC addresses. Follow these steps to clone MAC address. MAC Address Cloning 1 Select WAN Setup Configuration menu. from the 2 Select MAC Address Cloning from Advanced WAN Options. 3 Click Clone to clone and change the Current MAC. Click Reset to reset the Current MAC to the Factory Default. Click Back to return to WAN Setup page.
Link Speed & Duplex The access point supports connection link speeds of 100Mbps at full duplex and 10Mbps at half duplex, and can also automatically detect the correct setting. Auto MDIX (Medium Dependent Interface Crossover) feature automatically detects whether a straight-thru or crossover cable is being used. Follow these steps to set link speed and duplex, and set whether to enable or disable Auto MDIX. Link Speed and Duplex 1 Select WAN Setup from Configuration menu.
Using NAT NAT (Network Address Translation) functions by transforming the private IP address of packets originating from hosts on your LAN so that they appear to be coming from a single public IP address, and by restoring the destination public IP address to the appropriate private IP address for packets entering the private network. The multiple PCs on your LAN would then appear as a single client to the WAN interface. Enabling/Disabling NAT NAT 1 Click NAT from CONFIGURATION menu.
When NAT is enabled, your LAN is not accessible to the WAN. However, implementing virtual servers allows you to host Internet servers such as web servers, FTP servers or Mail servers on your LAN, in spite of NAT. To Setup a De-Militarised Zone Host If NAT is enabled, a request from the client within the private network first goes to the access point. Upon receiving a request, the access point keeps track of which client is using which port number.
DMZ 1 1. Click NAT from the CONFIGURATION menu. 2. Ensure that NAT Status is set to Enable. At the Advanced NAT Options section: 3. Click DMZ. 2 1. In the Private IP Address field, enter the IP address of the PC you wish to place within the DMZ. Private IP Address is set to 0.0.0.0 by default. 2. 3 To disable DMZ: 1. In Private IP Address field enter 0.0.0.0. 2. ! Click Apply. Click Apply. NOTE: 1.
To Setup Port Forwarding Port forwarding allows the access point to redirect any incoming Internet request bearing a public IP address to a specific PC on your LAN, based on the incoming packet’s TCP/UDP port number. Hence, using TCP port forwarding, you can hide your web-server behind the access point for added security, while UDP port forwarding lets you run a secure multiplayer game server. The following diagram shows the access point with a public IP address of 203.120.90.
Follow these steps to setup port forwarding. Port Forwarding 1 1. Click NAT from the CONFIGURATION menu. 2. Ensure that NAT Status is set to Enable. At the Advanced NAT Options section: 3. Click Port Forwarding.
2 The Port Forward Entries table displays the list of current port-based entries. Click Add. 3 For standard server applications (HTTP/FTP/POP3/Netmeeting), go to Known Server: 1. Enter the Private IP Address. 2. Pick the appropriate Server Type. 3. Enter the range in the From: and To: fields. 4. Click Add. To set up Internet applications not included under Known Server, go to Custom Server: 1. Enter the Private IP Address. 2. Define the Port numbers to use. 3.
NAT Static Port Based Entries reflects the new entry. 4 To assign more servers in your LAN: 1. Click Add. This will bring you back to Add New NAT Port-Based Entry. 2. Repeat Step 3 above. To delete table entries: 1. Select the entry to delete. 2. Click Delete. The table will refresh.
The following is a non-exhaustive list of well-known port numbers: Application Echo Daytime FTP SMTP (Simple Mail Transfer, i.e.
IP Forwarding If you have subscribed to more than one IP address from your ISP, you may define Virtual Servers based on their IP address so that incoming Internet requests are forwarded to specific computers within the private network. Assuming you subscribe to the range of Public IP addresses 203.120.12.1 to 203.120.12.62 from your ISP and the PC hosting a server has a LAN IP address of 192.168.168.100: To define the Internet Server as having an IP address of 203.120.12.
3 1. Enter the Private IP Address of your virtual server as identified in your LAN. 2. Enter the Public IP Address of the server, as known outside your LAN. 3. Click Add. 4 NAT Static IP Address Entries reflects your new entry. To assign more servers in your LAN: 1. Click Add. This will bring you back to Add New NAT IP Address Entry. 2. Repeat Step 3 above. To delete table entries: 1. Select the entry to delete. 2. Click Delete. The table will refresh.
Routing The access point supports both static routing for manual routing table entry addition, and dynamic routing for automatic routing table update. ! NOTE: The default settings of the access point allows broadband Internet sharing so there is no need to configure any further routing information. Improper routing settings might cause improper functioning. The following diagram illustrates a wireless LAN having subnet 192.168.168.0 in which the access point (X) with IP address 192.168.168.
Static Routing Follow these steps to add entries to your access point’s routing table for rerouting of IP packets to another network. Static Routing 1 Click Routing from CONFIGURATION menu. the 2 The IP Routing Table displays the list of current routing entries. To add a static route in the IP Routing Table click Add. 3 1. Enter the Destination IP Address of your new entry. 2. Enter the Address. 3. Click Apply. Gateway IP The new entry will appear in the IP Routing Table.
4 The IP Routing Table reflects the new entry. To add more routes: 1. Click Add. This will bring you back to Add IP Route GUI. 2. Repeat Step 3 above. To delete a route: 1. Select the entry to delete. 2. Click Delete. The table will refresh.
Bandwidth Control for WAN Bandwidth Control allows you to decide the available bandwidth in levels of 1kbit. Follow these steps to setup Bandwidth Control for WAN. Bandwidth Control for WAN 1 Click Bandwidth Control CONFIGURATION menu. from the 2 Select whether to Enable or Disable Bandwidth Control and click Apply. 3 To apply Bandwidth Control on WAN, in WAN Bandwidth Control Setup: 1. Enter the Download Total Rate in kbit. This restricts the bandwidth available for downloading. 2.
Bandwidth Control for LAN Bandwidth Control allows you to decide the available bandwidth in levels of 1kbit. Follow these steps to setup Bandwidth Control for LAN. Bandwidth Control for LAN 1 Click Bandwidth Control CONFIGURATION menu. from the 2 Select whether to Enable or Disable Bandwidth Control and click Apply.
3 1. Enter the Bandwidth Control Rule Name. 2. Enter the Committed Rate in kbit. This sets the bandwidth committed. 3. Enter the Ceil Rate in kbit. This is the ceiling rate which sets the maximum bandwidth allowed. 4. Enter the Rule Type Rule Types: • Download by IP Address • Download by MAC Address • Upload by IP Address • Upload by MAC Address 5. Enter the IP or MAC Address according to the Rule Type selected. 6.
Remote Management This feature is especially helpful for users who work away from the office or from home. The user only requires Internet access to manage the network. Remote Management 1 Click Remote Management from the Device Access Management menu. 2 1. Specify the HTTP / HTTPS Port number. Note: Entering 0 would disable this feature. 80 is the default remote HTTP port. 443 is the default remote HTTPS port. 2. Click Apply. 3. Click Reboot to reboot the system to effect the changes.
Universal Plug and Play (UPnP) The following are issues that can arise when using NAT: • Some network applications assume the IP address and port that the client has been assigned are global routable values that can be used on the Internet directly. Often, this is not the case as the client has been assigned a private IP address that can only be used on the LAN.
Although NAT traversal does not solve all NAT-related issues, it allows several applications to run behind NAT-enabled devices. It is recommended that you enable UPnP when running: Multi-player games Peer-to-peer connections Real-time communications Remote Assistance • • • • UPnP 1 Click UPnP Configuration from the Configuration menu. Universal Plug and Play (UPnP) is disabled by default. 2 1. Select Status. the appropriate UPnP 2. Click Apply. 3.
Parallel Broadband exclusive! The access point is equipped with the exclusive Parallel Broadband technology, which features scalable Internet bandwidth, Load Balancing, and Fail-Over Redundancy. As there is no restriction to the type of broadband Internet account the access point can connect to, your network can run with one access point on Cable Internet, with the rest connected to ADSL at the same time.
To Enable Parallel Broadband Parallel Broadband can be implemented when: More than one access point is interconnected (LAN port to LAN port) in your network. Each access point is connected to a broadband Internet account. Parallel Broadband 1 Click Parallel Broadband from the CONFIGURATION menu. Parallel Broadband is disabled by default. 2 1. Enable Status. the Parallel Broadband 2. Click Apply. 3. Repeat this for the other of the access points in your network.
DNS Redirection DNS Redirection allows you to redirect DNS requests to a local or closer DNS server. This improves the response time and enables true plug-andplay accessibility, especially if your DNS server is behind a firewall or is situated on your private LAN. DNS Redirection 1 Click DNS Redirection from the Configuration menu. 2 DNS redirection is disabled by default. 1. 2. Set DNS Redirection status to Enable. Click Apply.
Dynamic DNS Setup It is difficult to remember the IP addresses used by computers to communicate on the Internet. It gets even more complicated when ISPs change your public IP address regularly, as is the case when the Internet connection type is Dynamic IP or PPPoE with Dynamic IP. If you are doing some web hosting on your computer and are using Dynamic IP, Internet users would have to keep up with the changing IP address before being able to access your computer.
2 On Enable/Disable Dynamic DNS page, Dynamic DNS Status is disabled by default. If you have already created a list earlier, click Refresh to update the list. 3 To add a new Dynamic DNS to the list, click Add. Choice DDNS Provider page displays. There are two default providers that you can use. The parameters are explained below: Choice: This allows you to select your preferred DDNS provider. Provider Name: This is the name of your preferred DDNS provider.
There are two predefined DDNS providers. Please note that you need to be connected to the Internet to register your DDNS account. To select 2MyDNS – Dynamic DNS Service Provider as DDNS Service Provider 1 Under the Choice column in the Choice DDNS Provider check the radio button for 2MyDNS – DNS Service Provider. Click Next. 2 At the Dynamic DNS Add page: 1. Enter your Domain Name. 2. Select Auto Detect to detect your current WAN IP address. Enter your DDNS account Username and Password.
4 Optional: In the Mail Exchanger field, enter the Static WAN IP address of the mail server configured to handle email for your domain. Select Backup Mail Exchanger to enable this service. Click Add button to save the new addition. 5 Dynamic DNS list table displays the new domain. 6 It will appear as a hyperlink to the Dynamic DNS Edit page. From this page, you can update any of the parameters, delete the domain name, or reset all parameters.
To select DtDNS as DDNS Service Provider 1 Under the Choice column in the Choice DDNS Provider check the radio button for DtDNS. Click Next. 2 At the Dynamic DNS Add page: 1. Enter your Domain Name. 2. Select Auto Detect to detect your current WAN IP address. Enter your DtDNS account Username and Password. 3. Click Add. 3 Example: While the new domain name, cool.3d-game.
SNMP Setup SNMP (Simple Network Management Protocol) is a set of protocols that facilitates the exchange of management information between network devices. It enables network administrators to manage network performance, detect and solve network problems, and plan for network growth. Follow these steps to setup SNMP. SNMP Setup 1 Click SNMP Setup from CONFIGURATION menu. the 2 1. From the SNMP drop-down list, select Enable.
SNMP Trap The SNMP Trap provides notification of significant network events through unsolicited SNMP messages. This results in substantial savings of network resources by eliminating the need for unnecessary SNMP requests. Follow these steps to setup SNMP Trap. SNMP Trap 1 Click SNMP Setup from CONFIGURATION menu. the 2 1. Select whether to Enable or Disable the SNMP Trap. 2. Enter the Trap Destination IP Address or Name. This is the IP address of the SNMP manager. 3. Enter the Community.
Telnet/SSH Setup Telnet allows a computer to remotely connect to the access point CLI (Command Line Interface) for control and monitoring. SSH (Secure Shell Host) establishes a secure host connection to the access point CLI for control and monitoring.
Follow these steps to setup Telnet/SSH. Telnet/SSH Setup 1 Click Telnet/SSH Setup from the Device Access Management menu. 2 1. 2. 3. To enable Telnet Server: Select Telnet Server Enable and enter the Port Number. To enable SSH server: Select SSH Server Enable and enter the Port Number. Click Apply.
User Management User Management Click User Management from the Device Access Management menu. 1 To add user: 2 1. Click Add button. 2. In Add User Entry Page, enter User Name, Password, Confirm Password, specify whether to allow Telnet/SSH, and specify whether user is granted permission to Read Only or Read/Write, specify whether to allow SNMPV3, and specify whether user is granted permission to Read Only or Read/Write 3. Click Apply. To Delete User: 1. Select which user to Delete. 2.
TELNET CLI Telnet CLI (Command Line Interface) The user may connect to the CLI (Command Line Interface) via a TELNET session to the default IP, 192.168.168.1. This section uses Microsoft TELNET command for instruction. You may use any TELNET client. Connecting to CLI (Command Line Interface) via TELNET 1. Connect to CLI (Command Line Interface) with the following command at DOS prompt. The TELNET application will then be launched and connected. C:\WINDOWS\TELNET 192.168.168.1 2.
SSH CLI (Secure Shell Host Command Line Interface) SSH CLI (Secure Shell Host Command Line Interface) SSH is designed and created to provide the best security when accessing another computer remotely. Not only does it encrypt the session, it also provides better authentication facilities and features that increase the security of other protocols. It can use different forms of encryption and ciphers. The first diagram below shows a telnet session.
SSH CLI has a command line interface like shown below for example.
Web Management Setup HTTPS (SSL) is supported in addition to the standard HTTP. HTTP (SSL) features additional authentication and encryption for secure communication. Follow these steps to setup web management. Web Management Setup 1 Make selection from the Device Access Management menu. 2 1. Select whether to set web server to HTTP or HTTPS (SSL) mode. Login Timeout is the period of inactivity in seconds that user will stay logged in. 2. Login Timeout is enabled to 300 seconds by default. 3.
3 Web service restarts automatically. Web session logouts. You may reconnect using the new web service using the relogin link displayed on the IP address or Web Mode changed page.
Chapter 10: Web Interface Utilities This chapter describes the use of: The System Tools menu The Help menu Using the SYSTEM TOOLS Menu Ping Utility The Ping Utility works like the commonly used Ping.exe program in Command Prompt. It allows pinging of IP addresses or domain names. Follow these steps to use the Ping Utility. Ping Utility 1 Click Ping Utility from the System Tools menu. 2 Enter the Target Host IP Address or Domain Name and click Start to begin pinging.
3 The Ping Utility pings the target with 10 packets of 56 bytes data and displays the results and statistics at the end. Click Back to return to the previous Ping Utility page.
Syslog Syslog forwards system log messages in a network to a machine running a Syslog listening application. It is used to help in managing the computer system and increase security on the network. Freeware supporting Syslog is widely available for download from the Internet. This section shows how to: • Setup Syslog. • View logged information. The System Log Setup page allows the user to: • Enable or Disable system logging.
Step 2: Select to Enable Syslog. Step 3: Enter the Remote IP Address or Domain Name Step 4: Enter the Remote Port Step 5: Click Apply to make the changes. Follow these sample steps to view logged information: Step 1: Search for a Syslog listening application. Step 2: Select a Syslog listening application. Step 3: Download Syslog listening application.
Step 4: Install Syslog listening application. Step 5: View logged information on Syslog listening application.
To Identify Your System If your network operates with several access points, a means of identifying each individual access point would be useful. In certain cases your ISP might request identification before dynamically allocating an IP address. The System Name of the access point can then serve as a DHCP Client ID during negotiations with the DHCP Server of your ISP. You can define the System Identity to be utilised as System Name, or as DHCP Client ID.
Follow these steps to set your system’s clock. System Clock Setup 1 Click System Clock Setup from the System Tools menu. 2 Choose the correct time zone and Enable the Auto Time Setting (SNTP) using a time server such as time.nist.gov Click Apply. To Upgrade the Firmware Version The products are designed for upgradability. Click About System from the HELP menu to check your current firmware version.
2 Ensure that the latest firmware has been downloaded onto your local hard disk drive. 1. Enter the path and file name of the downloaded file in Upgrade Firmware (path and file name). Alternatively, click locate the file. Browse to 2. Click Upgrade. 3. Follow the instructions given during the upgrading process. The access point will prompt for reboot when process completes. ! NOTE: The device might become unstable if firmware upgrade process is interrupted.
2 To save current profile: 1. Click Save. 2. Restart system to ensure the right profile is being used. To backup current settings onto hard disk drive: Click Backup. Backup To return system to earlier configuration using backup file: 1. Click Browse to search for backup file. Or enter file path name in Restore the Machine’s configuration (path and file name). 2. Browse Click Restore. To discard ALL configurations made and restore the access point to factory settings: 1. Click Clear and Reset. 2.
To Reboot Most changes in system settings require rebooting to take effect. Follow these steps to reboot the access point. Reboot System 1 Click Reboot AP from System Tools menu. the 2 You will be prompted to confirm reboot. Click Yes point. ! to reboot the access NOTE: Reboot AP or Reboot Router is displayed under System Tools depending on whether the unit is set as access point or router.
Change Your Login Password The login password is required to access the web configuration interface, through which the access point settings can be monitored Follow these steps to change password. Change Password 1 Click Change Password from the System Tools menu. 2 Note: Password is case-sensitive. 1. Enter Current Password. The default is password 2. Enter the new password in New Password and Confirm Password. 3. Click Apply.
To Logout Follow these steps to logout. Logout 1 Click Logout from the System Tools menu. 2 A login prompt displays.
Using the HELP Menu To Get Technical Support This page contains the contact information of worldwide technical support centres. Follow these steps to access the page: Get Technical Support 1 Click Get Technical Support from the HELP menu. 2 The access point is feature-packed and highly customisable. If further information is required, please contact a Technical Support Centre by email, mail, phone, or fax.
About Your System The About System page displays a summary of system configuration information that might be required by support technicians during troubleshooting. Follow these steps to view the settings. About System 1 2 Click About System from the HELP menu. The System Information page displays a summary of the access point setup parameters.
Appendix A: Configuring Your PC for Network Access This section illustrates the configuration of your computer’s TCP/IP settings for communication with the access point or other network computers.
2 Double-click the Network icon. The network configuration screen displays. 3 Check your list of network components in the network window’s configuration tab. If TCP/IP is not installed: 1. Click Add. 2. Select Protocol. 3. Click Add. On the next screen: ! 4. Select Microsoft Manufacturers. from 5. Select TCP/IP from Network Protocols. 6. Click OK. NOTE: Windows may request the original Windows installation disk or additional files.
Configuring Dynamic IP Address Allocation Microsoft Windows 98/98SE/ME/2000 Follow these steps to configure your PC for dynamic IP address allocation. Dynamic IP address allocation in Windows 98/98SE/ME/2000: 1 1. Click Start. 2. Select Settings. 3. Click Control Panel. 4. Double-click icon. 5. The Network configuration screen displays. the Network 2 1. In the network window’s Configuration tab, select the TCP/IP component corresponding to your Ethernet adapter. 2. Click Properties.
3 1. Click IP Address. 2. Select Obtain an IP address automatically. 3. Click Gateway. 4. Check that Installed Gateways list is blank. 5. Click OK. Network displays. 6. dialog page Click OK to close all windows and reboot your computer.
Configuring Static IP Address Allocation Microsoft Windows 98/98SE/ME/2000 Follow these steps to enable static IP address allocation. Static IP address allocation in Windows 98/98SE/ME/2000: 1 1. Click Start. 2. Select Settings. 3. Click Control Panel. 4. Double-click Network. 5. The Network screen displays. 2 1. In the Network window’s Configuration tab, select the TCP/IP component corresponding to your Ethernet adapter. 2. Click Properties. The screen displays.
3 1. Click IP Address. 2. Select Specify an IP address. 3. In IP Address enter 192.168.168.X, where X is any value from 2 to 254. For example: 192.168.168.45 4. Enter 255.255.255.0 in Subnet Mask. 4 1. Click Gateway. 2. Enter the IP address of the access point in New Gateway. The default IP address of the access point is 192.168.168.1 3. 5 1. Click DNS Configuration. 2. Select Enable DNS. 3. Enter a unique identifying name in Host. Click Add. For example: Serv_01 4.
Configuring Wireless Network Settings for Windows XP It is recommended to configure the wireless client PC or notebook with automatic IP addressing. Follow these steps to configure your wireless network settings. Microsoft Windows XP: 1 1. Right-click the Wireless Network Connection corresponding to the wireless Ethernet adapter to be connected to the access point. 2. Click Properties. 2 3 1. 1. Click Wireless Network. 2. Click Add. Enter the SSID of the wireless network in Network name (SSID).
Appendix B: Dual Card Application Example This is an application example for a dual WLAN card access point installed with the following setup: a) One WLAN card as AP (Access Point) mode and the other WLAN card as WRC (Wireless Routing Client) mode. b) WLAN card in AP has 4 VAPs (Virtual AP) with VLAN ID of 10, 20, and 30.
How it works 1. The connection path when WPC-1 is connected to VAP-WLAN1 flows from AP to the Ethernet port of the access point to switch VLAN ID segment 10, WPC-2 flows to VLAN ID segment 20, and WPC-3 flows to WLAN ID segment 30. 2. Both WPCs and PCs can share Internet access through the WRC connection. 3. A VAP connection only for Internet access can also be added. It is recommended that the VAP is setup with a VLAN ID that does not belong to any VLAN group.
Appendix C: Troubleshooting Solutions to Common Problems In this section we list suggested steps to rectify some common problems that may arise during the installation and operation of the access point. 1. I want to know whether my PC is connected to the access point and to the Internet. A. Open a Command Prompt ♦ For Windows 98/98SE/ME, please click the Start button and Run. In the Open field within the Run dialog box, type in command. Press the Enter key or click the OK button.
2. I am unable to surf the Internet. A. Make sure that the Ethernet cable is properly connecting your Cable/ADSL modem to the WAN port of the access point, and verify whether the access point has a valid IP address from the About System page. Then refer to suggested steps A, B & C to Problem 1 as described above, to verify the connectivity of the gateway. B. Ensure that the WAN settings suit your broadband connection.
♦ For Netscape 4.7 or later versions Start Netscape Navigator. From the Edit menu bar, select Preferences, then Advanced, and finally Proxies. Make sure that the direct connection to the Internet option is selected. Close all windows to finish. 4. I want to reset the default login password of the access point. A. Power up the access point B. Depress the Reset button situated at the back of the device and hold it for 5 seconds before releasing it. 5.
If it does, click on it and press the Properties button. Check whether Device Status displays this message “This device is working properly”. If it does not, you will need to uninstall and re-install the software driver. C. Verify whether your access point and your laptop and/or other wireless clients have been configured with the same SSID, which is the case-sensitive name of the wireless network that you are trying to access, and the same WEP settings. D.
Appendix D Command Line Interface Commands Get Operation List SYNTAX Get tasks Get sysinfo Get aplist Get athstats Get brinfo Get brmacshow Get bssinfo. Get channel Get chanlist Get ieee80211stats Get routeshow Get stalist Get linkinfo Get macstats Get opmode Get wmode DESCRIPTION Display all active process/tasks. Display system information. Display list of access points discovered. Display wireless driver information. Display bridge and interfaces information. Display bridge learned MAC address list.
TX Rate SYNTAX Set txrate DESCRIPTION Values are: (default auto) (802.11a)-- 6, 9, 12, 18, 24, 36, 48, 54, auto (802.11b/g mixed)-- 1, 2, 5,5, 11, 6, 9, 12, 18, 24, 36, 48, 54, auto (802.11b-only)-- 1, 2, 5.5, 11, auto Wireless Mode SYNTAX Set wirelessmode Set autochannelselect Enable/disable Set radio_off_eth_down enable/disable DESCRIPTION Supported strings are: auto, 11a, 11b, 11g, pureg, superg, supera Enable or disable smart channel select during power up.
{CTRY_EL_SALVADOR, "SV" }, {CTRY_ESTONIA, "EE" }, {CTRY_FINLAND, "FI" }, {CTRY_FRANCE, "FR" }, {CTRY_FRANCE2, "F2" }, {CTRY_GEORGIA, "GE" }, {CTRY_GERMANY, "DE" }, {CTRY_GREECE, "GR" }, {CTRY_GUATEMALA, "GT" }, {CTRY_HONDURAS, "HN" }, {CTRY_HONG_KONG, "HK" }, {CTRY_HUNGARY, "HU" }, {CTRY_ICELAND, "IS" }, {CTRY_INDIA, "IN" }, {CTRY_INDONESIA, "ID" }, {CTRY_IRAN, "IR" }, {CTRY_IRELAND, "IE" }, {CTRY_ISRAEL, "IL" }, {CTRY_ITALY, "IT" }, {CTRY_JAPAN, "JP" }, {CTRY_JAPAN1, "J1" }, {CTRY_JAPAN2, "J2" }, {CTRY_JAP
{CTRY_SPAIN, "ES" }, {CTRY_SWEDEN, "SE" }, {CTRY_SWITZERLAND, "CH" }, {CTRY_SYRIA, "SY" }, {CTRY_TAIWAN, "TW" }, {CTRY_THAILAND, "TH" }, {CTRY_TRINIDAD_Y_TOBAGO, "TT" }, {CTRY_TUNISIA, "TN" }, {CTRY_TURKEY, "TR" }, {CTRY_UKRAINE, "UA" }, {CTRY_UAE, "AE" }, {CTRY_UNITED_KINGDOM, "GB" }, {CTRY_UNITED_STATES, "US" }, {CTRY_URUGUAY, "UY" }, {CTRY_UZBEKISTAN, "UZ" }, {CTRY_VENEZUELA, "VE" }, {CTRY_VIET_NAM, "VN" }, {CTRY_YEMEN, "YE" }, {CTRY_ZIMBABWE, "ZW" }, Channel SYNTAX Set channel DESCRIPTION (Valu
WLAN State SYNTAX Get wlanstate Set wlanstate enable/disable DESCRIPTION Display whether status of current wireless operation is Enabled or Disabled. Set to Disable to turn off wireless operation. Set to Enable to turn back on wireless operation. Note: When executing this command, please ensure that you are not connected on wireless with device or you will be disconnected from the device and network. The wireless operation can only be Enabled from the Ethernet port or UTP cable connection to device.
Appendix E Glossary of Terms List of Commonly Used Terms 10Base-T An IEEE Ethernet standard for 10Mbps data transmission using unshielded twisted pair wires. 100Base-Tx An IEEE Ethernet standard for 100Mbps data transmission using two pairs of Category 5 UTP wire. 802.11b An IEEE standard for wireless networking standard specifying a maximum data transmission rate of 11Mbps using DSSS modulation and an operating frequency of 2.4GHz. 802.
DSSS Direct Sequence Spread Spectrum is a modulation scheme employed by the 802.11b standard that uses a chipping code (redundant bit) during its transmission to reject interference. Dynamic IP Address It is an IP address that is dynamically allocated or assigned to a client device within a TCP/IP network, typically by a DHCP server.
protocol allow a host to inform its local access point, using Host Membership Reports, that it wants to receive messages addressed to a specific multicast group. All hosts conforming to level 2 of the IP multicasting specification require IGMP. IEEE It is the Institute of Electrical and Electronic Engineers. The IEEE is a professional technical body promoting the development and application of technology.
PPTP Point-to-Point Tunneling Protocol supports the creation of Virtual Private Networks by ensuring that messages transmitted from one VPN node to another are secure. Users can use PPTP to dial in to their corporate network via the Internet. Preamble A preamble is a signal used in network communications to synchronize the transmission timing between two or more systems. Proper timing ensures that all systems are interpreting the start of the information transfer correctly.
WEP Wired Equivalent Privacy is a wireless data privacy encryption protocol based on a 64-bit or 128-bit shared key algorithm. WLAN Wireless Local Area Network is a group of computers and associated devices that communicate with each other wirelessly.
Appendix F Technical Specifications Safety Electromagnetic Conformance and • • • • • • • Standards FCC Part 15 SubPart B and SubPart C [for wireless module] EN 300 328-2 [for wireless module] EMC CE EN 301 489 (EN300 826) [for wireless module] EN 55022 (CISPR 22)/EN 55024 Class B EN 61000-3-2 EN61000-3-3 CE EN 60950 • IEEE 802.11a 54Mbps, 48Mbps, 36Mbps, 24Mbps, 18Mbps, 12Mbps, 9Mbps, 6Mbps, 1Mbps • IEEE 802.11b 11Mbps, 5.5Mbps, 2Mbps, 1Mbps • IEEE 802.
Network Interface WAN Interface: 1 x 10/100 Mbps LAN Interface: 3 x 10/100 Mbps Power over Ethernet: 1 x PoE Security • • • • • • • • • • 64 - bit / 128 – bit WEP WPA Personal WPA Enterprise WPA2-Personal WPA2-Enterprise WPA-Auto-Personal WPA-Auto-Enterprise Wireless Pseudo Virtual LAN IEEE 802.1x – TLS, TTLS, PEAP, EAP-SIM Stateful Packet Inspection Firewall Output Power IEEE 802.11a: IEEE 802.11b: IEEE 802.
Certifications • • • • Environment Requirements Operating Temp: Storage Temp: Operating Humidity: Antenna (WP18 1A) FCC CE Mark Gost C-tick N 12030 0ºC to 55ºC -20ºC to 75ºC 10% to 80% RH Humidity (RH – Relative Humidity): Configuration ANT-1: WLM54AG (a/b/g) card MAIN ANT-2: Antenna Configuration (WP18 2A, 2B, 2C, 3A, 3C, 3D) WLM54AG (a/b/g) card AUX ANT-1: WLM54AG (a/b/g) card MAIN ANT-2: WLM54G (b/g) card MAIN 182
