Enable-IT 8424 802.11g / 802.
Copyright © 1997- 2008, Enable-IT, Inc. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from Enable-IT, Inc. Enable-IT, Inc reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of Enable-IT, Inc to provide notification of such revision or change.
TABLE OF CONTENTS CHAPTER 1 INTRODUCTION .................................................................................................................................. 4 Features of your Wireless Access Point ........................................................................................................ 4 Package Contents ............................................................................................................................................. 6 Physical Details ..............
Chapter 1 Introduction This Chapter provides an overview of the Wireless Access Point's features and capabilities. Congratulations on the purchase of your new Wireless Access Point. The Wireless Access Point links your 802.11g or 802.11b Wireless Stations to your wired LAN. The Wireless stations and devices on the wired LAN are then on the same network, and can communicate with each other without regard for whether they are connected to the network via a Wireless or wired connection.
Security Features • Security Profiles. For maximum flexibility, wireless security settings are stored in Security Profiles. Up to 8 Security profiles can be defined, and up to 4 used as any time. • Multiple SSIDs. Because each Security Profile has it own SSID, and up to 4 Security Profiles can be active simultaneously, multiple SSIDs are supported. Different clients can connect to the Wireless Access Point using different SSIDs, with different security settings. • Multiple SSID Isolation.
Package Contents The following items should be included: • Wireless Access Point If any of the above items are damaged or missing, please contact your dealer immediately. Physical Details Front Panel LEDs Figure 2: Front Panel Status Power LAN Wireless LAN On - Error condition. Off - Normal operation. Blinking - During start up, and when the Firmware is being upgraded. On - Normal operation. Off - No power On - The LAN (Ethernet) port is active. Off - No active connection on the LAN (Ethernet) port.
Rear Panel Figure 3 Rear Panel Antenna Console port Reset Button One antenna (aerial) is supplied. Best results are usually obtained with the antenna in a vertical position. DB9 female RS232 port. This button has two (2) functions: • Reboot. When pressed and released, the Wireless Access Point will reboot (restart). • Ethernet Power port Reset to Factory Defaults. This button can also be used to clear ALL data and restore ALL settings to the factory default values.
Chapter 3 Access Point Setup This Chapter provides details of the Setup process for Basic Operation of your Wireless Access Point. Overview This chapter describes the setup procedure to make the Wireless Access Point a valid device on your LAN, and to function as an Access Point for your Wireless Stations. Wireless Stations may also require configuration. For details, see Chapter 4 - Wireless Station Configuration.
Description Any extra information for the Wireless Access Point, entered by the administrator. Note: If the desired Wireless Access Point is not listed, check that the device is installed and ON, then update the list by clicking the Refresh button. Buttons Refresh Detail Info Web Management Set IP Address Exit Click this button to update the Wireless Access Point device listing after changing the name or IP Address. When clicked, additional information about the selected Access Point will be displayed.
Setup Procedure 8. Select the desired Wireless Access Point. 9. Click the Set IP Address button. 10. If prompted, enter the user name and password. The default values are admin for the User Name, and password for the Password. 11. Ensure the IP address, Network Mask, and Gateway are correct for your LAN. Save any changes. 12. Click the Web Management button to connect to the selected Wireless Access Point using your Web Browser. If prompted, enter the User Name and Password again. 13.
Figure 5: Password Dialog 21. You will then see the Status screen, which displays the current settings and status. No data input is possible on this screen. See Chapter 5 for details of the Status screen. From the menu, check the following screens, and configure as necessary for your environment. Details of these screens and settings are described in the following sections of this chapter. • Access Control - MAC level access control. • Security Profiles - Wireless security.
Access Control This feature can be used to block access to your LAN by unknown or untrusted wireless stations. Click Access Control on the menu to view a screen like the following. Figure 6: Access Control Screen Data - Access Control Screen Enable Trusted Stations Use this checkbox to Enable or Disable this feature as desired. Warning ! Ensure your own PC is in the "Trusted Wireless Stations" list before enabling this feature. This table lists any Wireless Stations you have designated as "Trusted".
Trusted Wireless Stations To change the list of trusted wireless stations, use the Modify List button on the Access Control screen. You will see a screen like the sample below. Figure 7: Trusted Wireless Stations Data - Trusted Wireless Stations Trusted Stations Other Stations Name Wireless Wireless Address This lists any Wireless Stations which you have designated as “Trusted”. This list any Wireless Stations detected by the Access Point, which you have not designated as "Trusted".
Clear Clear the Name and Address fields. Security Profiles Security Profiles contain the SSID and all the security settings for Wireless connections to this Access Point. • Up to eight (8) Security Profiles can be defined. • Up to four (4) Security Profiles can be enabled at one time, allowing up to 4 different SSIDs to be used simultaneously. Figure 8: Security Profiles Screen Data - Security Profiles Screen Profile Profile List Buttons All available profiles are listed.
Primary Profile 802.11b/g AP Mode 802.11b/g Mode Bridge Select the primary profile for 802.11b and 802.11g (2.4 GHz band) AP mode. Only enabled profiles are listed. The SSID associated with this profile will be broadcast if the "Broadcast SSID" setting on the Basic screen is enabled. Select the primary profile for 802.11b and 802.11g (2.4 GHz band) Bridge Mode. This setting determines the SSID and security settings used for the Bridge connection to the remote AP.
Security Settings Select the desired option, and then enter the settings for the selected method. The available options are: • None - No security is used. Anyone using the correct SSID can connect to your network. • WEP - The 802.11b standard. Data is encrypted before transmission, but the encryption system is not very strong. • WPA-PSK - Like WEP, data is encrypted before transmission. WPA is more secure than WEP, and should be used if possible.
Security Settings - None Figure 10: Wireless Security - None No security is used. Anyone using the correct SSID can connect to your network. The only settings available from this screen are Radius MAC Authentication and UAM (Universal Access Method). Radius MAC Authentication Radius MAC Authentication provides for MAC address checking which is centralized on your Radius server. If you don't have a Radius Server, you cannot use this feature. Using MAC authentication 28.
Radius-based MAC authentication Screen This screen will look different depending on the current security setting. If you have already provided the address of your Radius server, you won't be prompted for it again. Otherwise, you must enter the details of your Radius Server on this screen. Figure 11: Radius-based MAC Authentication Screen Data - Radius-based MAC Authentication Screen Enable ...
UAM UAM (Universal Access Method) is intended for use in Internet cafes, Hot Spots, and other sites where the Access Point is used to provide Internet Access. If enabled, then HTTP (TCP, port 80) connections are checked. (UAM only works on HTTP connections; all other traffic is ignored.) If the user has not been authenticated, Internet access is blocked, and the user is re-directed to another web page. Typically, this web page is on your Web server, and explains how to pay for and obtain Internet access.
• Clients which pass the authentication are listed as “xx:xx:xx:xx:xx:xx WEB authentication” in the log table, and station status would show as “Authenticated” on the station list table. • If a client fails authentication, “xx:xx:xx:xx:xx:xx WEB authentication failed” is shown in the log, and station status is shown as “Authenticating” on the station list table. UAM Screen The UAM screen will look different depending on the current security setting.
Figure 13: WEP Wireless Security Data - WEP Screen WEP Data Encryption Authentication Key Input Key Value Passphrase Radius MAC Authentication Select the desired option, and ensure your Wireless stations have the same setting: • 64 Bit Encryption - Keys are 10 Hex (5 ASCII) characters. • 128 Bit Encryption - Keys are 26 Hex (13 ASCII) characters. • 152 Bit Encryption - Keys are 32 Hex (16 ASCII) characters.
UAM The current status is displayed. Click the "Configure" button to configure this feature if required.
Security Settings - WPA-PSK Like WEP, data is encrypted before transmission. WPA is more secure than WEP, and should be used if possible. The PSK (Pre-shared Key) must be entered on each Wireless station. The 256Bit encryption key is derived from the PSK, and changes frequently. Figure 14: WPA-PSK Wireless Security Data - WPA-PSK Screen WPA-PSK Network Key WPA Encryption Enter the key value. Data is encrypted using a 256Bit key derived from this key. Other Wireless Stations must use the same key.
AES-CCMP and multicast (broadcast) transmissions are encrypted using TKIP. Pairwise Key Update Key Lifetime Group Key Update Key Lifetime Update Group key when any membership terminates Radius MAC Authentication UAM This refers to the key used for point-to-point transmissions. Enable this if you want the keys to be updated regularly. This field determines how often Pairwise keys are dynamically updated. Enter the desired value. This refers to the key used for broadcast transmissions.
System Screen Click System on the menu to view a screen like the following. Figure 15: System Screen Data - System Screen Identification Access Name Point Enter a suitable name for this Access Point. Descrip tion If desired, you can enter a description for the Access Point. Country Domain Select the country or domain matching your current location.
Wireless Screens There are two (2) configuration screens available: • Basic Settings • Advanced Basic Settings Screen The settings on this screen must match the settings used by Wireless Stations. Click Basic on the menu to view a screen like the following. Figure 16: Basic Settings Screen Data - Basic Settings Screen Operation Wireless Mode Select the desired option: • Disable - select this if for some reason you do not this AP to transmit or receive at all. • 802.11b and 802.
AP Mode Select this option only if all wireless stations support this "Atheros Super G" mode. Both Bridge mode and AP mode can be used simultaneously, unless AP mode is "Client/Repeater". Select the desired AP mode: • None (disable) - Disable AP mode. Use this if you want to act a Bridge only.
Parameters Channel No • If "Automatic" is selected, the Access Point will select the best available Channel. • Current Channel No. If you experience interference (shown by lost connections and/or slow data transfers) you may need to experiment with manually setting different channels to see which is the best. This displays the current channel used by the Access Point.
Advanced Settings Clicking the Advanced link on the menu will result in a screen like the following. Figure 17: Advanced Settings Data - Advanced Settings Screen Basic Rate Basic Rate The Basic Rate is used for broadcasting. It does not determine the data transmission rate, which is determined by the "Mode" setting on the Basic screen. Select the desired option. Do NOT select the "802.11g" or "ODFM" options unless ALL of your wireless clients support this. 802.
Output Power Level Antenna Selection Select the desired power output. Higher levels will give a greater range, but are also more likely to cause interference with other devices. If your Access Point has only 1 antenna, there is only 1 option available. If your Access Point has 2 antennae, select the option which gives the best results in your location. 802.11b Protection Type Short Slot Time Protection Mode Protection Rate Select the desired option. The default is CTS-only.
Chapter 4 PC and Server Configuration This Chapter details the PC Configuration required for each PC on the local LAN. Overview All Wireless Stations need to have settings which match the Wireless Access Point. These settings depend on the mode in which the Access Point is being used. • If using WEP or WPA-PSK, it is only necessary to ensure that each Wireless station's settings match those of the Wireless Access Point, as described below. • For WPA-802.1x and 802.
Using WPA-802.1x This is the most secure and most complex system. 802.1x mode provides greater security and centralized management, but it is more complex to configure. Wireless Station Configuration For each of the following items, each Wireless Station must have the same settings as the Wireless Access Point. Mode SSID (ESSID) 802.1x Authentication 802.1x Encryption On each PC, the mode must be set to Infrastructure. This must match the value used on the Wireless Access Point.
802.1x Server Setup (Windows 2000 Server) This section describes using Microsoft Internet Authentication Server as the Radius Server, since it is the most common Radius Server available that supports the EAP-TLS authentication method. The following services on the Windows 2000 Domain Controller (PDC) are also required: • dhcpd • dns • rras • webserver (IIS) • Radius Server (Internet Authentication Service) • Certificate Authority Windows 2000 Domain Controller Setup 47. Run dcpromo.
Figure 19: Certification Screen 54. Enter the information for the Certificate Authority, and click Next. Figure 20: CA Screen 55. Click Next if you don't want to change the CA's configuration data. 56. Installation will warn you that Internet Information Services are running, and must be stopped before continuing. Click Ok, then Finish. DHCP server configuration 57. Click on the Start - Programs - Administrative Tools - DHCP 58. Right-click on the server entry as shown, and select New Scope.
Figure 21: DHCP Screen 59. Click Next when the New Scope Wizard Begins. 60. Enter the name and description for the scope, click Next. 61. Define the IP address range. Change the subnet mask if necessary. Click Next. Figure 22:IP Address Screen 62. 63. 64. 65. Add exclusions in the address fields if required. If no exclusions are required, leave it blank. Click Next. Change the Lease Duration time if preferred. Click Next. Select Yes, I want to configure these options now, and click Next.
Figure 23: DNS Screen 67. If you don't want a WINS server, just click Next. 68. Select Yes, I want to activate this scope now. Click Next, then Finish. 69. Right-click on the server, and select Authorize. It may take a few minutes to complete.
Certificate Authority Setup 70. Select Start - Programs - Administrative Tools - Certification Authority. 71. Right-click Policy Settings, and select New - Certificate to Issue. Figure 24: Certificate Authority Screen 72. Select Authenticated Session and Smartcard Logon (select more than one by holding down the Ctrl key). Click OK. Figure 25: Template Screen 73. Select Start - Programs - Administrative Tools - Active Directory Users and Computers. 74.
Figure 26: Active Directory Screen 75. Select the Group Policy tab, choose Default Domain Policy then click Edit. Figure 27: Group Policy Tab 76. Select Computer Configuration - Windows Settings - Security Settings - Public Key Policies, right-click Automatic Certificate Request Settings - New - Automatic Certificate Request.
Figure 28: Group Policy Screen 77. When the Certificate Request Wizard appears, click Next. 78. Select Computer, then click Next. Figure 29: Certificate Template Screen 79. Ensure that your certificate authority is checked, then click Next. 80. Review the policy change information and click Finish. 81. Click Start - Run, type cmd and press enter. Enter secedit /refreshpolicy machine_policy This command may take a few minutes to take effect.
Internet Authentication Service (Radius) Setup 82. Select Start - Programs - Administrative Tools - Internet Authentication Service 83. Right-click on Clients, and select New Client. Figure 30: Service Screen 84. Enter a name for the access point, click Next. 85. Enter the address or name of the Wireless Access Point, and set the shared secret, as entered on the Security Settings of the Wireless Access Point. 86. Click Finish. 87. Right-click on Remote Access Policies, select New Remote Access Policy. 88.
Figure 32: Authentication Screen 94. Select No if you don't want to view the help for EAP. Click Finish.
Remote Access Login for Users 95. Select Start - Programs - Administrative Tools- Active Directory Users and Computers. 96. Double click on the user who you want to enable. 97. Select the Dial-in tab, and enable Allow access. Click OK.
802.1x Client Setup on Windows XP Windows XP ships with a complete 802.1x client implementation. If using Windows 2000, you can install SP3 (Service Pack 3) to gain the same functionality. If you don't have either of these systems, you must use the 802.1x client software provided with your wireless adapter. Refer to your vendor's documentation for setup instructions. The following instructions assume that: • You are using Windows XP • You are connecting to a Windows 2000 server for authentication.
Figure 35: Wireless CA Screen 102. 103. Select User certificate request and select User Certificate, the click Next.
Figure 36: Request Type Screen 104. Click Submit.
Figure 37: Identifying Information Screen 105. A message will be displayed, then the certificate will be returned to you. Click Install this certificate.
Figure 38:Certificate Issued Screen 106. . You will receive a confirmation message. Click Yes. Figure 39: Root Certificate Screen 107. Certificate setup is now complete. 802.1x Authentication Setup 108. Open the properties for the wireless connection, by selecting Start - Control Panel - Network Connections. 109. Right Click on the Wireless Network Connection, and select Properties.
110. Select the Authentication Tab, and ensure that Enable network access control using IEEE 802.1X is selected, and Smart Card or other Certificate is selected from the EAP type. Figure 40: Authentication Tab Encryption Settings The Encryption settings must match the APs (Access Points) on the Wireless network you wish to join. • Windows XP will detect any available Wireless networks, and allow you to configure each network independently.
Figure 41: Wireless Networks Screen 112. Select the wireless network from the Available Networks list, and click Configure. 113. Select and enter the correct values, as advised by your Network Administrator. For example, to use EAP-TLS, you would enable Data encryption, and click the checkbox for the setting The key is provided for me automatically, as shown below.
Figure 42: Properties Screen Setup for Windows XP and 802.1x client is now complete.
Using 802.1x Mode (without WPA) This is very similar to using WPA-802.1x. The only difference is that on your client, you must NOT enable the setting The key is provided for me automatically. Instead, you must enter the WEP key manually, ensuring it matches the WEP key used on the Access Point.
Using WPA-PSK For each of the following items, each Wireless Station must have the same settings as the Wireless Access Point. Mode SSID (ESSID) Wireless Security On each PC, the mode must be set to Infrastructure. This must match the value used on the Wireless Access Point. The default value is wireless Note! The SSID is case sensitive. On each client, Wireless security must be set to WPA-PSK. • The Pre-shared Key entered on the Access Point must also be entered on each Wireless client.
Using WPA-802.1x This is the most secure and most complex system. 802.1x mode provides greater security and centralized management, but it is more complex to configure. Wireless Station Configuration For each of the following items, each Wireless Station must have the same settings as the Wireless Access Point. Mode SSID (ESSID) 802.1x Authentication 802.1x Encryption On each PC, the mode must be set to Infrastructure. This must match the value used on the Wireless Access Point.
802.1x Server Setup (Windows 2000 Server) This section describes using Microsoft Internet Authentication Server as the Radius Server, since it is the most common Radius Server available that supports the EAP-TLS authentication method. The following services on the Windows 2000 Domain Controller (PDC) are also required: • dhcpd • dns • rras • webserver (IIS) • Radius Server (Internet Authentication Service) • Certificate Authority Windows 2000 Domain Controller Setup 114. 115. Run dcpromo.
Figure 45: Certification Screen 121. Enter the information for the Certificate Authority, and click Next. Figure 46: CA Screen 122. Click Next if you don't want to change the CA's configuration data. 123. Installation will warn you that Internet Information Services are running, and must be stopped before continuing. Click Ok, then Finish. DHCP server configuration 124. 125. Click on the Start - Programs - Administrative Tools - DHCP Right-click on the server entry as shown, and select New Scope.
Figure 47: DHCP Screen 126. 127. 128. Click Next when the New Scope Wizard Begins. Enter the name and description for the scope, click Next. Define the IP address range. Change the subnet mask if necessary. Click Next. Figure 48:IP Address Screen 129. Add exclusions in the address fields if required. If no exclusions are required, leave it blank. Click Next. 130. Change the Lease Duration time if preferred. Click Next. 131. Select Yes, I want to configure these options now, and click Next. 132.
Figure 49: DNS Screen 134. 135. 136. If you don't want a WINS server, just click Next. Select Yes, I want to activate this scope now. Click Next, then Finish. Right-click on the server, and select Authorize. It may take a few minutes to complete.
Certificate Authority Setup 137. 138. Select Start - Programs - Administrative Tools - Certification Authority. Right-click Policy Settings, and select New - Certificate to Issue. Figure 50: Certificate Authority Screen 139. Select Authenticated Session and Smartcard Logon (select more than one by holding down the Ctrl key). Click OK. Figure 51: Template Screen 140. 141. Select Start - Programs - Administrative Tools - Active Directory Users and Computers.
Figure 52: Active Directory Screen 142. Select the Group Policy tab, choose Default Domain Policy then click Edit. Figure 53: Group Policy Tab 143. Select Computer Configuration - Windows Settings - Security Settings - Public Key Policies, right-click Automatic Certificate Request Settings - New - Automatic Certificate Request.
Figure 54: Group Policy Screen 144. 145. 146. When the Certificate Request Wizard appears, click Next. Select Computer, then click Next. Figure 55: Certificate Template Screen 147. Ensure that your certificate authority is checked, then click Next. 148. Review the policy change information and click Finish. 149. Click Start - Run, type cmd and press enter. Enter secedit /refreshpolicy machine_policy This command may take a few minutes to take effect.
Internet Authentication Service (Radius) Setup 150. 151. Select Start - Programs - Administrative Tools - Internet Authentication Service Right-click on Clients, and select New Client. Figure 56: Service Screen 152. Enter a name for the access point, click Next. 153. Enter the address or name of the Wireless Access Point, and set the shared secret, as entered on the Security Settings of the Wireless Access Point. 154. Click Finish. 155.
Figure 58: Authentication Screen 161. Select No if you don't want to view the help for EAP. Click Finish.
Remote Access Login for Users 162. 163. 164. Select Start - Programs - Administrative Tools- Active Directory Users and Computers. Double click on the user who you want to enable. Select the Dial-in tab, and enable Allow access. Click OK.
802.1x Client Setup on Windows XP Windows XP ships with a complete 802.1x client implementation. If using Windows 2000, you can install SP3 (Service Pack 3) to gain the same functionality. If you don't have either of these systems, you must use the 802.1x client software provided with your wireless adapter. Refer to your vendor's documentation for setup instructions. The following instructions assume that: • You are using Windows XP • You are connecting to a Windows 2000 server for authentication.
Figure 61: Wireless CA Screen 169. Select User certificate request and select User Certificate, the click Next.
Figure 62: Request Type Screen 170. Click Submit.
Figure 63: Identifying Information Screen 171. A message will be displayed, then the certificate will be returned to you. Click Install this certificate.
Figure 64:Certificate Issued Screen 172. 173. . You will receive a confirmation message. Click Yes. Figure 65: Root Certificate Screen 174. Certificate setup is now complete. 802.1x Authentication Setup 175. Open the properties for the wireless connection, by selecting Start - Control Panel - Network Connections. 176. Right Click on the Wireless Network Connection, and select Properties.
177. Select the Authentication Tab, and ensure that Enable network access control using IEEE 802.1X is selected, and Smart Card or other Certificate is selected from the EAP type. Figure 66: Authentication Tab Encryption Settings The Encryption settings must match the APs (Access Points) on the Wireless network you wish to join. • Windows XP will detect any available Wireless networks, and allow you to configure each network independently.
Figure 67: Wireless Networks Screen 179. Select the wireless network from the Available Networks list, and click Configure. 180. Select and enter the correct values, as advised by your Network Administrator. For example, to use EAP-TLS, you would enable Data encryption, and click the checkbox for the setting The key is provided for me automatically, as shown below.
Figure 68: Properties Screen Setup for Windows XP and 802.1x client is now complete.
Using 802.1x Mode (without WPA) This is very similar to using WPA-802.1x. The only difference is that on your client, you must NOT enable the setting The key is provided for me automatically. Instead, you must enter the WEP key manually, ensuring it matches the WEP key used on the Access Point. Figure 69: Properties Screen Note: On some systems, the "64 bit" WEP key is shown as "40 bit" and the "128 bit" WEP key is shown as "104 bit".
Figure 70: Status Screen Page 73 of 93
Data - Status Screen Access Point Access Point Name MAC Address Domain Firmware Version The current name will be displayed. The MAC (physical) address of the Wireless Access Point. The region or domain, as selected on the Basic Wireless screen. The version of the firmware currently installed. TCP/IP IP Address Subnet Mask Gateway DHCP Client The IP Address of the Wireless Access Point. The Network Mask (Subnet Mask) for the IP Address above.
Statistics Screen This screen is displayed when the 2.4GHz Statistics button on the Status screen is clicked. It shows details of the traffic flowing through the Wireless Access Point. Figure 71: Statistics Screen Data - Statistics Screen System Up Time System Up Time This indicates how long the system has been running since the last restart or reboot. 2.4GHz Wireless Authentication Deauthentication Association Disassociation Reassociation The number of "Authentication" packets received.
Profile Status The Profile Status screen is displayed when the Profile Status button on the Status screen is clicked. Figure 72: Profile Screen For each profile, the following data is displayed: Name SSID Broadcast SSID Band Status Clients The name you gave to this profile; if you didn't change the name, the default name is used. The SSID assigned to this profile. Indicates whether or not the SSID is broadcast. The Wireless band ( 2.4 GHz or 5 GHz ) used by this profile.
Activity Log This screen is displayed when the Log button on the Status screen is clicked. Figure 73: Activity Log Screen Data - Activity Log Data Current Time Log The system date and time is displayed. The Log shows details of the connections to the Wireless Access Point. Buttons Refresh Save to file Clear Log Update the data on screen. Save the log to a file on your pc. This will delete all data currently in the Log. This will make it easier to read new messages.
Station List This screen is displayed when the Stations button on the Status screen is clicked. Figure 74 Station List Screen Data - Station List Screen Station List Name MAC Address Mode SSID Status Refresh Button The name of each Wireless Station is displayed. If the name is not know, "unknown" is displayed for the name. The MAC (physical) address of each Wireless Station is displayed. The mode of each Wireless Station. This displays the SSID used the Wireless station.
Figure 75: Admin Login Screen Data - Admin Login Screen Login User Name Change Admin Password New Password Repeat New Password Enter the login name for the Administrator. If you wish to change the Admin password, check this field and enter the new login password in the fields below. Enter the desired login password. Re-enter the desired login password.
Auto Config/Update The Auto Config/Update screen provides two (2) features: • Auto Config - The Access Point will configure itself by copying data from another (compatible) Access Point. • Auto Update - The Access Point will update it Firmware by downloading the Firmware file from your FTP Server.
Auto Update Check for upgrade Firmware If enabled, this AP will check to see if a Firmware (FW) upgrade is available on the specified FTP Server. If enabled: • Enter the desired time interval (in days) between checks. • Install... Select the desired option for installation (see next item). • Provide the FTP server information.
Config File This screen allows you to Backup (download) the configuration file, and to restore (upload) a previously-saved configuration file. You can also set the Wireless Access Point back to its factory default settings. To reach this screen, select Config File in the Management section of the menu. Figure 77: Config File Screen Data - Config File Screen Backup Save a copy current settings of Once you have the Access Point working properly, you should back up the settings to a file on your computer.
Log Settings (Syslog) If you have a Syslog Server on your LAN, this screen allows you to configure the Access Point to send log data to your Syslog Server. Figure 78: Log Settings (Syslog) Screen Data - Log Settings Screen Syslog Server Select the desired Option: • Disable - Syslog server is not used. • Broadcast - Syslog data is broadcast. Use this option if different PCs act as the Syslog server at different times.
Rogue APs A "Rouge AP" is an Access Point which should not be in use, and so can be considered to be providing unauthorized access to your LAN. This Access Point can assist to locate 2 types of Rogue APs: • APs which have Wireless security disabled. • APs which are not in the list of valid APs which you have provided. When a Rogue AP is located, it is recorded in the log. If using SNMP, you can also choose to have detection of a Rogue AP generate an SNMP trap.
SNMP SNMP (Simple Network Management Protocol) is only useful if you have a SNMP program on your PC. To reach this screen, select SNMP in the Management section of the menu. Figure 80: SNMP Screen Data - SNMP Screen General Enable SNMP Use this to enable or disable SNMP as required Community Enter the community string, usually either "Public" or "Private". Access Rights Select the desired option: • Read-only - Data can be read, but not changed. • Read/Write - Data can be read, and setting changed.
Upgrade Firmware The firmware (software) in the Wireless Access Point can be upgraded using your Web Browser. You must first download the upgrade file, and then select Upgrade Firmware in the Management section of the menu. You will see a screen like the following. Figure 81: Firmware Upgrade Screen To perform the Firmware Upgrade: 184. 185. 186. Click the Browse button and navigate to the location of the upgrade file. Select the upgrade file. Its name will appear in the Upgrade File field.
Maximum Receive Level Transmit Power Modulation min. -5dBm 18 dBm Direct Sequence Spread Spectrum BPSK / QPSK / CCK Up to 19 Mbps Indoors • 30 Meters (100ft.) @ 11Mbps Throughput Operating Range • 50 Meters (165ft.) @ 5.5Mbps • 70 Meters (230ft.) @ 2Mbps • 9 1Meters (300ft.) @ 1Mbps Outdoors • 152 Meters (500ft.) @ 11Mbps • 270 Meters (885ft.) @ 5.5Mbps • 396 Meters (1300ft.) @ 2 Mbps • 457 Meters (1500ft.
Other Features Firmware Upgrade • Configuration file Backup/Restore • Statistics support • Device discovery program • Windows Utility • DHCP client • WINS client HTTP, FTP network protocol download Page 88 of 93
FCC Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
address of the Wireless Access Point, as shown below. Figure 82: Ping If your PC uses a Fixed (Static) IP address, ensure that it is using an IP Address which is compatible with the Wireless Access Point. (If no DHCP Server is found, the Wireless Access Point will default to an IP Address and Mask of 192.168.0.228 and 255.255.255.0.) On Windows PCs, you can use Control Panel-Network to check the Properties for the TCP/IP protocol.
Please ship Authorized RMAs to: Enable-IT Processing Facility 16600 Harbor Blvd, Ste G Fountain Valley, CA 92708 Returning Products for Refund 30-Day refund applies to single kit Ethernet Extenders only and is subject to a 25% Restocking Fee. Shipments without valid / authorized RMA number or sent to our corporate Las Vegas Address can be refused and or billed for additional shipping.
d. Voiding of Warranty.
conjunction with your use of the Product. All worldwide right, title and interest in and to the Product, or any portion thereof (including but not limited to the Embedded Software), including all copyrights, patent rights, trademarks, trade secrets, and other intellectual property rights therein and thereto, are and shall remain the exclusive property of Enable-IT and/or its licensors.
