Benutzeranleitung / Produktwartung NWA-3166 des Produzenten ZyXEL
Zur Seite of 372
www .zyxel.com www .zyxel.com NW A-3160 Series Models: NW A-3160, NW A-3163 & NW A-3166 Copyright © 2010 ZyXEL Communications Corporation Firmware V ersion 3.
.
About This User's Guide NWA-3160 Series User’s Guide 3 About This User's Guide Intended Audience This manual is intended for people who want to configure the NW A using the web configur ator .
About This User's Guide NWA-3160 Series User’s Guide 4 • Support Disc Re fer to the included CD for support d ocuments. Documentation Feedback Send your comments, questions or su ggestions to: techwriters@zyxel.com.tw Thank you! The T echnical W riting T eam, ZyXEL Communications Corp.
About This User's Guide NWA-3160 Series User’s Guide 5 Customer Support Should problems arise that cannot be solved by the methods listed above, you shou ld con tact yo ur ven dor . I f you ca nnot cont act you r vend or , th en co ntac t a Z yXEL office fo r the region in wh ich you bought the de vice.
Document Conventions NWA-3160 Series User’s Guide 6 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User’ s Guide.
Document Conventions NWA-3160 Series User’s Guide 7 Icons Used in Figures Figures in this User’s Guide use the following generic icons. The NW A icon is not an exact representation of your NWA.
Safety Warnings NWA-3160 Series User’s Guide 8 Safety Warnings • Do NO T use this product near water , for exam ple, in a wet basement or near a swimming pool. • Do NO T expose your device to dampness, dust or corrosive liquids. • Do NO T store things on the device.
Contents Overview New Template User’s Guide 9 Contents Overview Introduction .......................................... ..................................................... ................... .......... 21 Introduction ............ ............. .
Contents Overview New Template User’s Guide 10.
Table of Contents NWA-3160 Series User’s Guide 11 Table of Contents About This User's Guide . ............................................................... ........................................ .. 3 Document Conventions....................
Table of Contents NWA-3160 Series User’s Guide 12 3.1 Overview ... ................ ............. ................ ............. ................. ............ ................. ....... ............ 39 3.2 How to Configure the Wirele ss LAN ... ....
Table of Contents NWA-3160 Series User’s Guide 13 Part II: The Web Configurato r ................................... ............................ 79 Chapter 4 St atus Screen ...........................................................................
Table of Contents NWA-3160 Series User’s Guide 14 7.5.1 Administrator Authentic ation on RADIUS ............ ................ ................ ................ ......1 17 7.5.2 Pre-defined NTP Time Servers List ........... ................. ........
Table of Contents NWA-3160 Series User’s Guide 15 10.1 Overview ........... ................ ............. ................ ................ ............. ................ ............ ......... 159 10.1.1 What Y ou Can Do in th e Wireless Security Screen .
Table of Contents NWA-3160 Series User’s Guide 16 14.3.1 W AN IP Address Assignment ............... ............. ............. ................ ............. ........... 189 Chapter 15 Rogue AP Detection ............................................
Table of Contents NWA-3160 Series User’s Guide 17 18.2.2 My Certificates Create Screen ....... ................ ............. ................ ................ ........... 226 18.2.3 My Certificates Details Screen ............. ................ ....
Table of Contents NWA-3160 Series User’s Guide 18 21.1.1 What Y ou Need to Know About Load Balancing ............... ................ ............. ........ 269 21.2 The Load Bala nc ing Screen .... ............ ................. ................ ..
Table of Contents NWA-3160 Series User’s Guide 19 Appendix C IP Addresses and Subnetting .......................... ................................................. 327 Appendix D T ext File Based Auto Configuration ................. ..............
Table of Contents NWA-3160 Series User’s Guide 20.
21 P ART I Introduction Introduction (23) The W eb Configur ator (35) Tu t o r i a l s ( 3 9 ).
22.
NWA-3160 Series User’s Guide 23 C HAPTER 1 Introduction Note: This User ’s Guide includes the NW A-3160, NWA-3163 an d the NW A-3166. Illustrations used throughout this book are based on the NW A-3160 (u nless otherwise stated). The W eb Config uration screens are based on the NW A-3166 (unless otherwise stated).
Chapter 1 Intro duction NWA-3160 Series User’s Guide 24 1.2 Applications for the NW A The NWA can be configured to use the following WLAN oper ating modes • Access P oint •B r i d g e / R e p e a t e r •A P + B r i d g e •M B S S I D Applications for each oper ating mode are shown below .
Chapter 1 Introduction NWA-3160 Series User’s Guide 25 1.2.2 Bridge / Repeater The NWA can act as a wireless network bridge and establis h wireless links with other APs. In the figure below , the two NW As ( A and B ) are connected to independent wired net works and have a bridge connection ( A can communicate with B ) at the same time.
Chapter 1 Intro duction NWA-3160 Series User’s Guide 26 Figure 3 Repeater Application 1.2.2.1 Bridge / Re peater Mode Example In the example below , when both NW As ar e in Bridge / R epeater mode, they form a WDS (Wireless Distri bution System) allowi ng the computers in LAN 1 to connect to the computers in LAN 2 .
Chapter 1 Introduction NWA-3160 Series User’s Guide 27 • If two or more NW As (in bridge mode) are connected to the same hub . Figure 5 Bridge Loo p: T wo Brid ges Connected to Hub • If your NW A (in bridge mode) is connec ted to a wired LAN while communicating with another wireless bridge that is also connected to the same wired LAN.
Chapter 1 Intro duction NWA-3160 Series User’s Guide 28 1.2.3 AP + Bridge In AP + Bridge mode, the NW A supports bo th AP and bri dge connection at the same time. In the figure below , A and B use X as an AP to access the wired network, while X and Y communicate in bridge mode.
Chapter 1 Introduction NWA-3160 Series User’s Guide 29 provides multiple virt ual APs, each forming its own BSS and using its own individual S SID profile. Y ou can configure up to sixteen SSID profile s, and have up to ei ght active at any one time.
Chapter 1 Intro duction NWA-3160 Series User’s Guide 30 1.2.5 Pre-Configured SSID Profiles The NWA has two pre-configured S SID profiles. • VoIP_SSID . This profile is intended for use b y wireless clients requiring t he highest QoS level for V oIP telephony and other appl ications requiring low latency .
Chapter 1 Introduction NWA-3160 Series User’s Guide 31 The following figure ill ustrates a CA PWAP wireless network. The user ( U ) configures the controller AP ( C ), which then automatically updates the configurations of th e managed APs ( M1 ~ M4 ).
Chapter 1 Intro duction NWA-3160 Series User’s Guide 32 • Back up the configur ation (and make sure you know how to restore it). Restoring an e arlier wo rking conf iguratio n may be usef ul if the device becomes unstable or even cr ashes. If you f orget your password, you will have to reset the NWA to its factory default settings.
Chapter 1 Introduction NWA-3160 Series User’s Guide 33 1.7 LEDs Note: The figures shown in this section are from the NW A-3160. Y our device may differ in minor ways. Figure 1 1 LEDs T able 1 LEDs LABEL COLOR STATUS DESCRIPTION WDS Off Either • The NWA is in Access Point or MBS SID mode and is functioning normally .
Chapter 1 Intro duction NWA-3160 Series User’s Guide 34 WLAN Green On The wireless LAN is active. Blinking The wireless LAN is active, and tr ansmitting or receiving data. Off The wireless LAN is not active. ETHERNET Green On The NWA has a 10 Mbps Ethernet connection.
NWA-3160 Series User’s Guide 35 C HAPTER 2 The Web Configurator 2.1 Overview This chapter describes how to access the NWA’ s web configurator and provides an overview of its screens.
Chapter 2 The Web Configurator NWA-3160 Series User’s Guide 36 6 Click Apply in the Replace Certificate screen to create a certificate using y our NWA’ s MAC address that will be specific to this device. Y ou should now see the Status screen. See Chapter 2 on page 35 for details about the Status screen.
Chapter 2 The Web Configurator NWA-3160 Series User’s Guide 37 Click LOGOU T at any time to exit the web configurator . Check the status bar at the bottom of the screen when you click Apply or OK to verify that the c onfiguration has been updated.
Chapter 2 The Web Configurator NWA-3160 Series User’s Guide 38.
NWA-3160 Series User’s Guide 39 C HAPTER 3 Tutorials 3.1 Overview This chapter first pro vides a basic ov erview of how to configure the wireless LAN on your NW A, and then giv es step-by -st ep guidelines showing how to configure your NW A for some example scenarios.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 40 3.2.2 Wireless LAN Configuration Overview The following figure shows the steps you should tak e to configure the wireless settings according to the operating mode you select.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 41 3.2.3 Further Reading Use these links to find more information on the steps: • Choosing 802.11 Mode : see Section 8.2.1 on page 123 . • Choosing a wireless Channel ID : see Section 8.2.1 on page 123 .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 42 The following figure shows the multiple ne tworks you want to set up. Y our NWA is marked Z , the main network router is marked A , and your network printer is marked B . Figure 14 T utorial: Example MBSSID Setup The standard network ( SSID04 ) has access to all resources.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 43 3.3.1 Change the Operating Mode Log in to the NWA (see Section 2.2 on page 35 ). Click Wireless > Wireless . The Wireless screen appears. 3.3.1.1 Access Point Set the NWA is in Access Point operating mode, and is currently set to use the SSID03 profile.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 44 3.3.1.2 MBSSID Select MBSSID from the Operat ing Mode dr op-down list box. The screen displays as foll ows. Figure 16 T utorial: Wireless LAN: Change Mode This Select SSID Profile table allows you to activate or deactivate SSID profiles.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 45 3.3.2 Configure the V oIP Network Next, click Wireless > SSID . The following screen displa ys. Note that the SSID03 SSID profile (t he standard network) is using t he security01 security profile.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 46 1 Choose a new SSID for the V oIP network. In this example, enter VOIP_SSID_Example . Note that although the SSID changes, the SSID profi le name ( VoIP_SSID ) remains the same as before. 2 Select Enable from the Hide Name (SSID) list box.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 47 Y ou already chose to use the security02 profile for this netw ork, so select the radio button for security02 and click Edit .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 48 3.3.2.2 Activate the V oIP Profile Y ou need to activate the VoIP_SSID profil e before it can be used. Click the Wireless tab. In the Select SSID Profile table, select the VoIP_SSID profile and click Apply .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 49 Click Wirel ess > SSID . Select Guest_SSID ’ s entry in the list and click Edit . The following screen appears. Figure 23 T utorial: Guest Edit 1 Choose a new SSID for the guest ne twork. In this example, enter Guest_SSID_Example .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 50 3.3.3.1 Set Up Security for the Guest Profile Now you need to configure the se curity settings to use on the guest wireless network. Click the Security tab. Y ou already chose to use the security03 profile for this ne twork, so select security03 ’ s entry in the list and click Edit .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 51 3.3.3.2 Set up Layer 2 Isolation Configure layer 2 isolation to control the speci fic devices you w ant the users on your guest network to access. Click Wireless > Layer-2 Isol ation . The following screen appears.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 52 3.3.3.3 Activate the Guest Profile Y ou need to activate the Guest_SSID prof ile before it can be us ed. Click the Wireless tab. In the Select SSID Profile table, select the check box for the Guest_SSID profile and click Apply .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 53 3.4 How to Set Up and Use Rogue AP Detection This example shows you how to configur e the rogue AP detection feature on the NWA. A rogue AP is a wireless access point oper ating in a network’ s coverage area that is not a sanctioned part of that networ k.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 54 E , and a computer , marked F , connected to the wi red network. The coffee shop ’ s access point is marked 1 .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 55 Note: The NW A can detect the MAC addre sses of APs automatically . However , it is more secure to obt ain the correct MAC addresses from an other source and add them to the friendly AP list manually .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 56 Note: Y ou can add APs that are not p art of your network to the friendly AP list, as long as you know that they do not pose a threat to your network’s security . The Friendly AP screen now appears as follows.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 57 4 Click Export . If a window similar to the following appears, click Save . Figure 33 T u torial: W arning 5 Save the friendly AP list somewhere it can be accessed by all t he other access points on the network.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 58 3.4.2 Activate Periodic Rogue AP Detection T ake the following steps to activ ate rogue AP det ection on the first of your NW As. 1 In the ROGUE AP > Configuration screen, se lect Enable from the Rogue AP Period Detection field.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 59 3.4.3 Set Up E-mail Logs In this section, you will configure the firs t of y our four APs to send a log message to your e-mail inbox whenever a rogue AP is disco vered in your wireless network’ s cover age area.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 60 5 In the Send Immediate Alert section, sele ct the events you w ant to trigger immediate e-mails. Ensure that Rogue AP is selected. 6 Click Apply . 3.4.4 Configure Y our Other Access Point s Access point A is now configured to do the foll owing.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 61 • If y ou have an other access point that i s not used in y our network, mak e a note of its MAC address and set i t up next to each of your NWAs in turn while the network is runn ing.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 62 NWA i s marked Z . C is a workstation on your wired ne twork, D is your main network switch, and E is the security gateway you use to connect to the Internet. Figure 37 T utorial: Example Network 3.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 63 Each SSID profile already uses a different pre-shared key . In this example, you will configure access limitations for each SSID profile.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 64 T ake the following steps to configure the SERVER_1 network. 1 Log into the NWA’ s W eb Configurator and cl ick Wireless > SSID . The following screen displays, showing the SS ID profiles you already configured.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 65 2 Select SERVER_1 ’ s entry and click Edit . The following screen displa ys. Figure 39 T utorial: SSID Edit Select l2Isolation03 in the L2 Isolation field, and select macfilter03 in the MAC Filtering field.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 66 8 Enter the MAC address of the device Alice uses to connect to the network in Index 1 ’s MA C Address field and enter her name in the Description field , as shown in the following figure. Change the Profile Name to “MacFilter_SERVER_1” .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 67 3.5.6 Checking your Settings and T esting the Configuration Use the following sections to ensure th at your wireless networks are set up correctly .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 68 If the settings are not as s hown, follow the steps in t he relevant section of this tutorial again. 3.5.6.2 T esting the Con figuration Before you allow employ ees to use the ne twork, y ou need to thoroughly test whether the setup behaves as it should.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 69 3.6 How to Configure Management Modes This example shows you how to configure the NWA’ s controller AP and managed AP modes. Note: If you are using several NW A models in your network including an NW A-3166, you should use the NW A-3166 as the Controller AP .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 70 3.6.2 Y our Requirement s 1 Y ou want to manage the APs in your company using one controller AP’ s W eb Configurator . That is, you only need to know one IP address to ed it the settings of the NWAs i n your wireless network.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 71 4 Check your settings and test the configur ation. This example uses screens from G- 302 v3, a wireless client that will try to access one of the mananged APs, for this section. 3.6.4 Configure Y our NW A in Controller AP Mode The NWA i s set to Standalone AP mode by default.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 72 This happens when the primary contr oller AP is disconnected from the network, rebooting or turned off . Note: While the primary controller AP is online, the seco ndary controller AP cannot configure any of the managed APs.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 73 2 Enable Redundancy . Then select Primary AP Controller and enter the IP address of the secondary controller AP (required). Click Apply . Note: Only NW As in managed AP mode are visible to the controller AP .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 74 Y ou must now add the NW A managed APs to the controller’ s managed AP list. 3.6.6 Configuring the Managed Access Point s List At this point, you have 3 NWA managed APs ( B , C and D ) that can now be managed b y the prima ry controlle r AP .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 75 1 T o add a managed AP to the controller AP’ s cover age, go to Controller > AP Lists . Figure 50 T utorial: AP List (Un-Managed) 2 Select the NW A managed APs from the Un-Managed Access Points List as shown in the screen above.
Chapter 3 Tutorials NWA-3160 Series User’s Guide 76 T urn on a WLAN Radio Profile by sele cting the managed AP from the list and clicking Edit . Figure 51 T utorial:AP List (Managed) 4 In the screen that opens, choose the radi o profile for each WLAN radio and click Apply .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 77 3.6.7 Checking your Settings and T esting the Configuration The NWAs s hould be working at this point. Y ou can configure the setti ngs of each NWA uni t by just opening the W eb Configurator of the primary controller AP .
Chapter 3 Tutorials NWA-3160 Series User’s Guide 78.
79 P ART II The W eb Configurator Status Screen (81) Management Mode (87) System Screens (109) Wireless Screen (119) SSID Screen (149) Wireless Security Screen (159) RADIUS Screen (173) Layer -2 Isola.
80.
NWA-3160 Series User’s Guide 81 C HAPTER 4 Status Screen 4.1 Overview The Status screen displays when you log int o the NWA or click Status in the navigation menu. Use this screen to look at the current status of the device, system resources, and interfaces .
Chapter 4 Status Screen NWA-3160 Series User’s Guide 82 The following table describes t he labels in this screen. T able 8 The Status Screen LABEL DESCRIPTION Automatic R efresh Interval Enter how often you w ant the NWA to update this screen. R efresh Click this to update this screen immediately .
Chapter 4 Status Screen NWA-3160 Series User’s Guide 83 Status This field indicates whether or not the NWA is using the interface. For each interface, this field displays Up when the NW A is using the interface and Down when the NW A is not using the interface.
Chapter 4 Status Screen NWA-3160 Series User’s Guide 84 4.2.1 System S t atistics Screen Use this screen to view di agnostic information about the NWA. Clic k Show Statistics in the Status screen. The following screen pops up. Note: The Poll Interval field is configurable.
Chapter 4 Status Screen NWA-3160 Series User’s Guide 85 Re mote Bridge MAC This is the MAC address of the peer device in bridge mode. Status This shows the current status of the bridge connection, which can be Up or Down . TxPkts This is the number of transmitted pack ets on the wireless bridge.
Chapter 4 Status Screen NWA-3160 Series User’s Guide 86.
NWA-3160 Series User’s Guide 87 C HAPTER 5 Management Mode 5.1 Overview This chapter discusses using the NWA in management mode. This screen determines whether the NWA is used in its default standalone mode, or as part of a Control And Provisioning of Wireless Access P oints ( CAPWAP) network.
Chapter 5 Manage ment Mode NWA-3160 Series User’s Guide 88 Note: The NW A can be a controller AP , standalone AP (default) or a CAPW AP managed AP . Note: If you are using several NW A models in your network including an NW A-3166, you should use the NW A-3166 as the Controller AP .
Chapter 5 Manag ement Mode NWA-3160 Series User’s Guide 89 DHCP Option 43 allows the CAPWAP management request (from the AP in managed AP mode) to reach th e AP control ler in a diff erent subnet, as shown in the following figure . Figure 57 CAPW AP and DHCP Option 43 5.
Chapter 5 Manage ment Mode NWA-3160 Series User’s Guide 90 Click MGNT MODE in the NW A’ s navigation menu . The following screen displa ys. Figure 58 Managemen t Mode The following table describes t he labels in this screen.
Chapter 5 Manag ement Mode NWA-3160 Series User’s Guide 91 Apply Click this to save your changes. If you change the mode in this screen , the NWA restarts.
Chapter 5 Manage ment Mode NWA-3160 Series User’s Guide 92.
NWA-3160 Series User’s Guide 93 C HAPTER 6 AP Controller Mode 6.1 Overview This chapter discusses the Controller AP management mode. When the NW A is used as a CAPW AP (Control And Pro visioning of Wireless Access P oints) controll er AP , the W eb Configurator changes to reflect this by including the Controller and Profile Edit screens.
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 94 In the figure below , an administr ator is ab le to manage t he security settings of 5 APs (1 controller AP and 4 managed APs ). He changes the s ecurity mode to WP A- PSK just by accessing the W eb Configurator of the controller AP ( C ).
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 95 Note: The NW A reboot s every time you change mode in the MGMT MODE screen. Y ou can switch from St a ndalone AP to Controller AP (and vice versa) using the Web Configurator .
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 96 Click Status . The fo llowing screen displays. Figure 62 S tatus Screen The following table describes t he new labels in this screen. T able 1 1 Status Screen LABEL DESCRIPTION System Information Re gistration T ype This field displays how the managed APs are registered with the NW A.
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 97 6.4 AP List s Screen Use this screen to view and add managed APs. By default, the controller NW A is always included in this table. Although y ou cannot remove it, y ou can edit its settings.
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 98 Click Controller > AP Lists . The following screen displa ys. Figure 63 AP List s Screen The following table describes t he labels in this screen.
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 99 Status This displays whether the managed AP is activ e, not active or upgrading its firmware. • Red : the AP is not active. • Green : the AP is active. • Yellow : the AP is upgrading its firmw are.
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 100 6.4.1 The AP List s Edit Screen Use this screen to change th e description or radio profile of an AP managed by the NWA. Click Edit in the CONTROLL ER > AP Lists screen. The following screen displays.
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 101 6.5 Configuration Screen Use this screen to control the way in which the NWA acc epts new APs to manage. Y ou can also configure the pre-shared key (PSK) that is used to secure the d ata transmit ted between the NWA and the APs it manages.
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 102 6.6 Redundancy Screen Use this screen to set t he controller AP as a primary or secondary controller . If you set your NW A as a primary controller AP , you can have a secondary controller AP to serve as a backup.
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 103 6.7 The Profile Edit Screens This section describes the Profile Edit screens, which are available on ly in A P controller mode. The following Profile Edit screens are ide ntical to those in standalone mode: •T h e Profile Edit > SSID screen (see Section 9.
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 104 The following table describes t he labels in this screen. 6.7.2 The Radio Profile Edit Screen Use this screen to conf igure a specific r adio profile. In the Profile Edit > Radio screen, select a profile and click Edit .
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 105 The following table describes t he labels in this screen. T able 17 Radio Edit Screen LABEL DESCRIPTION Profile Name Enter a name identifying this profile. Radio Mode This makes sure that only compliant WLAN devices can associate with the NW A.
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 106 Disable channel switching for DFS This field displays only when you select 802.11a or 802.11n/a in the 802.11 Radio Mode field. Select this if you do n ot want to use DFS (Dynamic Frequency Selection).
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 107 RT S / C T S T h r e s h o l d Use RT S/CTS to reduce data collisions on the wireless network if you have wireless clients that are associated with the same AP but out of ran ge of one another .
Chapter 6 AP Controller Mode NWA-3160 Series User’s Guide 108 MCS T able The MCS Rate table is av ailable only when 802.11n/g or 802.11n/a is selected as the 802.11 Radio Mode . IEEE 802.11n supports many different data rates which are called MCS rates.
NWA-3160 Series User’s Guide 109 C HAPTER 7 System Screens 7.1 Overview This chapter provides information and i nstructions on how to identify and manage your NW A ov er the network. Figure 69 NW A Setup In the figure abov e, the NWA ( ZyXEL Device ) connects to a Domain Name Serv er (DNS) server to av ail of a domain name.
Chapter 7 System Screens NWA-3160 Series User’s Guide 11 0 7.1.2 What Y ou Need T o Know About the System Screens The following terms and conc epts may he lp as you read through the chapter . IP Address Assignment Every computer on the Internet must have a unique IP address.
Chapter 7 S ystem Scre ens NWA-3160 Series User’s Guide 111 Onc e you have d eci de d on the net wor k nu mbe r , p ick an I P ad dre ss t hat is e asy to remember , for instance, 192.168.1.2, for your devic e, but make sure that no other device on your network is using that IP address.
Chapter 7 System Screens NWA-3160 Series User’s Guide 11 2 Administrator Inactivity Timer T ype how many minut es a manage ment ses sion can be left idle before the session times out. The default is 5 minutes. After it times out you hav e to log in with your password again.
Chapter 7 S ystem Scre ens NWA-3160 Series User’s Guide 11 3 7.3 Password Screen Use this screen to control access to your NW A by assigning a password to it. Click System > Password . The following screen displays. Figure 71 System > Password.
Chapter 7 System Screens NWA-3160 Series User’s Guide 11 4 Use new setting Select this if you w ant to change the RADIUS username and password the NW A uses to authenticate management logon. User Name Enter the username for this user accoun t. This name can be up to 31 ASCII characters long, including spaces.
Chapter 7 S ystem Scre ens NWA-3160 Series User’s Guide 11 5 7.4 T ime Setting Screen Use this screen to change your NW A’ s time and date, click System > Time Setting . The following screen displays. Figure 72 System > T ime Setting The following table describes t he labels in this screen.
Chapter 7 System Screens NWA-3160 Series User’s Guide 11 6 New Date (yyyy:mm:dd) This field displays the last updated date from the time server or the last date configured manually . When you set Time and Date Setup to Manual , enter the new date in this field and then click Apply .
Chapter 7 S ystem Scre ens NWA-3160 Series User’s Guide 11 7 7.5 T echnical Reference This section provi des some technical information about the topics cov ered in this chapter .
Chapter 7 System Screens NWA-3160 Series User’s Guide 11 8 When the NWA uses the pre-defi ned list of NTP time serv ers, it r andomly selects one server and tries t o synchronize with it .
NWA-3160 Series User’s Guide 11 9 C HAPTER 8 Wireless Screen 8.1 Overview This chapter discusses the steps to confi g ure the Wireless Settings screen on the NWA.
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 120 8.1.2 What Y ou Need T o Know About the Wireless Screen The following terms and conc epts may he lp as you read through this chapter .
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 121 An ESSID (ES S IDentification) uniquely id entifies each ESS . All access points and their associated wireless stations within the same ESS must hav e the same ESSID in order to comm unicate.
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 122 SSID The SSID (Service Set IDenti fier) identifies the Service Set wi th which a wireless station is associated. Wireless stations a ssociating to the access point (AP) must have the same SSID .
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 123 • Y ou must use different WEP k eys for different BS Ss. If two stations ha ve different BSSIDs (they are in different BSSs) , but have the same WEP keys, they may hear each other’ s communicati ons (b ut not communicate with each other).
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 124 The following table describes t he genera l wireless L AN labels in this screen. T able 23 Wireless: Access Point LABEL DESCRIPTION Operating Mode Select Access Point from the drop-down list.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 125 Disable channel switching for DFS This field displays only when you select 802.11a or 802. 11n/a in the 802.11 Radio Mode field. Select this if you do no t want to use DFS (Dynamic Frequency Selection).
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 126 Beacon Interval When a wirelessly networked device sends a beacon, it includes with it a beacon interv al.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 127 8.2.2 Bridge / Repeater Mode Use this screen to ha ve the NW A act as a wireless network bridge / repeat er and establish wireless links with ot her APs. Y ou need to know the MAC addr ess of the peer device, which also must be in bridge / repeater mode.
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 128 Note: Y ou can view an example of this setu p in Section 8.3.3 on p age 146 . Figure 77 Wireless: Bridge / Repeater.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 129 The following table describes t he bridge labels in this screen. T able 24 Wireless: Bridge / Repeater LABEL DESCRIPTIONS Operating Mode Select Bridge / Repeater in this field. 802.11 mode This makes sure that only compliant WLAN devices can associate with the NW A.
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 130 Disable channel switching for DFS This field displays only when you select 802.11a or 802.11n/a in the 802.11 Radi o Mode field. Select this if you do not want to use DFS (Dynamic Frequency Selection).
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 131 Output Power Set the output power of the NW A in this field. If there is a high density of APs in an area, decrease the outpu t power of the NWA to reduce interference with other APs. Select from 100% (Full Power) , 50% , 25% , 12 .
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 132 TKIP Select this to enable T emporal K ey Integrity Protocol (TKIP) security on your WDS. This option is compatible with other ZyXEL access points that support WDS security . Use this if the other access points on your network support WDS securit y but do not have an AES option.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 133 8.2.3 AP + Bridge Mode Use this screen to ha ve the NW A function as a bridge and acces s point simultaneously .
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 134 The following table describes t he bridge labels in this screen. T able 25 Wireless: AP + Bridge LABEL DESCRIPTIONS Operating Mode Select AP + Repeater in this field. 802.11 mode This makes sure that only compliant WLAN devices can associate with the NW A.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 135 Disable channel switching for DFS This field displays only when you select 802.11a or 802.11n/a in the 802.11 Radi o Mode field. Select this if you do not want to use DFS (Dynamic Frequency Selection).
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 136 Beacon Interval When a wirelessly networked device sends a beacon, it includes with it a beacon interv al.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 137 MCS T able The MCS Rate table is available only when 802.11n/g or 802.11n/a is selected as the 802.11 Radio Mode . IEEE 802.11n supports many different data rates which are called MCS rates.
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 138 Enable Antenna Diversity (For NW A -3160 and NWA -3163 only) Select this to use antenna diversity . Antenna diversity uses multiple antennas to reduce signal interference. Enable Spanning Tr e e C o n t r o l ( S T P ) (R)STP ( Section 8.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 139 8.2.4 MBSSID Mode Use this screen to have the NW A function in MBSSID mode. Select MBSSID as the Operating Mode .
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 140 The following table describes t he labels in this screen. T able 26 Wireless: MBSSID LABEL DESCRIPTION Operating Mo de Select MBSSID in this field to display the screen as shown 802.11 Mode This makes sure that only compliant WLAN devices can associate with the NWA.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 141 Disable channel switching for DFS This field displays only when you select 802.11a or 802.11n/a in the 802.11 Radio Mode field. Select this if y ou do not want to use DFS (Dynamic Frequency Selection).
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 142 Beacon Interval When a wirelessly networked device sends a beacon, it includes with it a beacon interval.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 143 8.3 T echnical Reference This section provides technical background information about the topics cov ered in this chapter . Select SSID Profile An SSID profile is the set of parameters relating to one of the NW A’ s BSSs.
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 144 8.3.1 S p anning T ree Protocol (STP) Spanning T ree Protocol (STP) detects and breaks network loops and pro vides backup links between switches, bridg es or ro uters.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 145 8.3.1.3 How STP Works After a bridge determines the lowest cost -spanning tree with STP , it enables the root port and the ports that are the designated ports for connected LANs, and disables all other ports that participate in STP .
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 146 activity on t he channel you select, it automat ically instructs the wireless clients t o move to another channel , then resu mes communications on the new channel. 8.3.3 Roaming A wireless station is a device with an IEEE 802.
Chapter 8 Wireless Scre en NWA-3160 Series User’s Guide 147 with other APs (Non- Z yXEL APs may no t be able t o perform this). 802.1x authentication information is not ex changed (at the time of writing). Figure 80 Roaming Example The steps below des cribe the roaming process.
Chapter 8 Wireles s Screen NWA-3160 Series User’s Guide 148 • The adjacent access points should us e differ ent radio ch annels when their cover age areas overlap.
NWA-3160 Series User’s Guide 149 C HAPTER 9 SSID Screen 9.1 Overview This chapter describes how y ou can configure Service Set Identifier (SSID) profiles in your NWA.
Chapter 9 SSID Screen NWA-3160 Series User’s Guide 150 9.1.2 What Y ou Need T o Know About SSID The following terms and conc epts may he lp as you read through this chapter .
Chapter 9 SSID Screen NWA-3160 Series User’s Guide 151 9.2 The SSID Screen Use this screen to select the SSID pr ofile you want to configure. Click Wireless > SSID to display the screen as shown. Figure 83 SSID The following table describes t he labels in this screen.
Chapter 9 SSID Screen NWA-3160 Series User’s Guide 152 9.2.1 Configuring SSID Use this screen to configure an SSID profile. Select a n SSID profile in Wireless > SSID and click Edit to display the following screen. Figure 84 Configuring SSID The following table describes t he labels in this screen.
Chapter 9 SSID Screen NWA-3160 Series User’s Guide 153 9.3 T echnical Reference This section provides technical background information about the topics cov ered in this chapter . 9.3.1 WMM QoS WMM (Wi-Fi MultiMedia) QoS (Quality of Service) ensures qual ity of service i n wireless networks.
Chapter 9 SSID Screen NWA-3160 Series User’s Guide 154 On APs without WMM QoS, all tr affic stream s are given the same access priority to the wireless network.
Chapter 9 SSID Screen NWA-3160 Series User’s Guide 155 typical data pack et sizes. Note that the figures given are merely examples - sizes may differ acco rding to applic ation and circ umstance s. When A TC is activ ated, the device sends tr affic with smaller packets before tr affic with larger packets if the network is congested.
Chapter 9 SSID Screen NWA-3160 Series User’s Guide 156 9.3.3.1 A TC+WMM from LAN to WLAN A TC+WMM from L AN (the wired L ocal Area Net work) to WLAN ( the Wireless Lo cal Area Network) allows WMM prioriti zation of packets that do not already have WMM QoS priorities assi gned.
Chapter 9 SSID Screen NWA-3160 Series User’s Guide 157 based on the application types and tr affic fl ow . Pa ckets are mar ked with Dif fServ Code P oints (DSCPs) indicating the lev e l of service desired.
Chapter 9 SSID Screen NWA-3160 Series User’s Guide 158 The foll owing tabl e lists which W MM QoS priority le vel the N WA uses for spe cific DSCP values. T able 36 ToS and IEEE 802.1d to WMM Qo S Priority Level Mapping DSCP V ALUE WMM QOS PRIORITY LEVEL 224, 192 v oice 160, 128 video 96, 0 A A.
NWA-3160 Series User’s Guide 159 C HAPTER 10 Wireless Security Screen 10.1 Overview This chapter describes how to use t he Wireless Secu rity screen. This screen allows y ou to configure the security mode for your N WA. Wireless security is vital to your net w ork.
Chapter 10 Wire less Security Screen NWA-3160 Series User’s Guide 160 10.1.2 What Y ou Need T o Know About Wireless Security The following terms and conc epts may he lp as you read through this chapter . User Authentication Authentication is the process of v erifying whether a wireless device is allowed to use the wireless network.
Chapter 10 Wire less Security Sc reen NWA-3160 Series User’s Guide 161 • 802.1x-Static64. This provides 802.1x -Only authentication with a static 64bit WEP key and an au then tication s erver . • 802.1x-Static128 . This provides 802.1x-Only aut hentication with a static 128bit WEP key and an authentication server .
Chapter 10 Wire less Security Screen NWA-3160 Series User’s Guide 162 Use this screen to choose and ed it a security profile. Click Wireless > Security . The following screen displays. Figure 87 Wirele ss Security The following table describes t he labels in this screen.
Chapter 10 Wire less Security Sc reen NWA-3160 Series User’s Guide 163 After selecting the securit y profile y ou want to edit, the following screen appears. Enter the na me you want to call th is security pr ofile in the Profile Name field. Figure 88 Security Profile The next screen varies according to the Se curity Mode you select.
Chapter 10 Wire less Security Screen NWA-3160 Series User’s Guide 164 Authentication Method There are two types of WEP authenti cation namely , Open System and Shared K ey . Open system is implemented for ease-of-use and when security is not an issue.
Chapter 10 Wire less Security Sc reen NWA-3160 Series User’s Guide 165 10.2.2 Security: 802.1x Only Use this screen to set t he selected profile to 802.1x Only securit y mode. Select 802.1x-Only in the Security Mode field to dis play the following screen.
Chapter 10 Wire less Security Screen NWA-3160 Series User’s Guide 166 10.2.3 Security: 802.1x S t atic 64-bit, 802.1x S t atic 128-bit Use this screen to set the selected prof ile to 802.1x Static 64 or 802.1x Stati c 128 security mode. Select 802.1x Static 64 or 802.
Chapter 10 Wire less Security Sc reen NWA-3160 Series User’s Guide 167 10.2.4 Security: WP A Use this screen to set the select ed profil e to Wi -Fi Protected Access (WP A) security mode. Select WPA in the Security Mode field to display the following screen.
Chapter 10 Wire less Security Screen NWA-3160 Series User’s Guide 168 10.2.5 Security: WP A2 or WP A2-MIX Use this screen to set the selected prof ile to WP A2 or WP A2-MIX security mode. Select WPA2 or WPA2-MIX in the Security Mode field to displa y the following screen.
Chapter 10 Wire less Security Sc reen NWA-3160 Series User’s Guide 169 The following table descri bes the labels not previously discus sed T able 43 Security: WPA2 or WPA2-MIX LABEL DESCRIPTIONS Profile Name T ype a name to identify this security profile.
Chapter 10 Wire less Security Screen NWA-3160 Series User’s Guide 170 10.2.6 Security: WP A-PSK , WP A2-PSK, WP A2-PSK-MIX Use this screen to set the selected prof ile to WP A -PSK, WP A2-PSK or WP A2-PSK - MIX security mode. Select WPA-PSK , WPA2-PSK or WPA2-PSK-MIX in the Security Mode field to display the following screen.
Chapter 10 Wire less Security Sc reen NWA-3160 Series User’s Guide 171 10.3 T echnical Reference This section provi des technical background information on the topics discussed in this chapter . The following is a gener al guideline in ch oosing the securit y mode for your NW A.
Chapter 10 Wire less Security Screen NWA-3160 Series User’s Guide 172.
NWA-3160 Series User’s Guide 173 C HAPTER 11 RADIUS Screen 1 1.1 Overview This chapter describes how y ou can use the Wireless > RADIUS screen. Remote A uthentication Dial In User Serv ice (RADIUS) is a protocol that can be used to manage user access to large networks.
Chapter 11 RADIUS Screen NWA-3160 Series User’s Guide 174 1 1.1.1 What Y ou Can Do in the RADIUS Screen Use the Security > RADIUS screen (see Section 11.2 on page 175 ) if you w ant to authen ticate w ireless users using a RADIUS Server and/or Accounting Server .
Chapter 11 RADIUS Screen NWA-3160 Series User’s Guide 175 1 1.2 The RADIUS Screen Use this screen to set up y our NW A’ s RADIUS server settings. Cl ick Wireless > RADIUS . The screen appears as shown. Figure 96 RADIUS The following table describes t he labels in this screen.
Chapter 11 RADIUS Screen NWA-3160 Series User’s Guide 176 Internal Select this check box to use the NWA’ s internal authen tication server . The Active , RA DIUS Server IP Addre ss , RADIUS Server Port and Share Secret fields are not available when you use the internal authentication server .
NWA-3160 Series User’s Guide 177 C HAPTER 12 Layer-2 Isolation Screen 12.1 Overview Layer -2 isolation is used to prevent wireless clients associated with your NW A from communicating with other wireless c lients, APs, computers or rout ers in a network.
Chapter 12 Layer-2 Iso lation Screen NWA-3160 Series User’s Guide 178 communicating with the NW A’ s wireless c lients except for broadcast packets. Layer -2 isolation does not check the tr aff ic between wireless clients that are associated with the same AP .
Chapter 12 Layer-2 Isolation Screen NWA-3160 Series User’s Guide 179 12.2 The Layer-2 Isolation Screen Use this screen to select and configure a layer-2 is olation profile. Click Wireless > Layer-2 Isolation . The screen appears as shown next. Figure 98 Layer 2 Isolati on The following table describes t he labels in this screen.
Chapter 12 Layer-2 Iso lation Screen NWA-3160 Series User’s Guide 180 12.2.1 Configuring Layer-2 Isolation Use this screen to specify the configur at ion for y our laye r-2 isolation pr ofile. Select a lay er-2 isolation profile in Wireless > Layer-2 Isolation and cli ck Edit to display the following screen.
Chapter 12 Layer-2 Isolation Screen NWA-3160 Series User’s Guide 181 12.3 T echnical Reference This section provi des technical background information on the topics discussed in this chapter . The figure that follows i llustrates two ex ample layer -2 isolation configurations on your NWA ( A ).
Chapter 12 Layer-2 Iso lation Screen NWA-3160 Series User’s Guide 182 Example 1: Restricti ng Access to Server In the following example wireless clients 1 and 2 can communicate with file server C , but not access point B or wireless client 3 .
NWA-3160 Series User’s Guide 183 C HAPTER 13 MAC Filter Screen 13.1 Overview This chapter discusses how you can use the Wireless > MAC Filter screen. The MAC filter function allows you to configure the NW A to grant access to devices (Allow Association) or ex clude devices from accessing the NW A (Den y Association).
Chapter 13 MAC Filt er Screen NWA-3160 Series User’s Guide 184 characters, for example, 00:A0:C5:00:00:02. Y ou need to know the MAC address of each device to configure MAC fi ltering on the NWA. 13.2 The MAC Filter Screen The MAC filter profile is a user-confi gured list of MAC addresses.
Chapter 13 MAC Filter Scr een NWA-3160 Series User’s Guide 185 13.2.1 Configuring the MAC Filter T o change your NWA’ s MAC filter s ettings, c lick WIRELESS > MAC Filter > Edit .
Chapter 13 MAC Filt er Screen NWA-3160 Series User’s Guide 186 Note: If you configure both the MAC Address Filter table and Group Settings table and a client matches a MAC address specified in both tables, the set tings in the Group Settings is applied by the NW A first.
NWA-3160 Series User’s Guide 187 C HAPTER 14 IP Screen 14.1 Overview The Internet Protocol (IP) address iden tifies a devi ce on a network. Every networking device (inclu ding computers, se rvers, routers, printers, etc.) needs an IP address to communicate across the netw ork.
Chapter 14 IP Screen NWA-3160 Series User’s Guide 188 These parameters should work fo r the majority of installations. 14.2 The IP Screen Use this screen to configure the IP address for your NW A. Click IP to display the following screen. Figure 107 IP Setup The following table describes t he labels in this screen.
Chapter 14 IP Scree n NWA-3160 Series User’s Guide 189 14.3 T echnical Reference This section provides technical background information about the topics cov ered in this chapter . 14.3.1 W AN IP Address Assignment Every computer on the Internet must have a unique IP address.
Chapter 14 IP Screen NWA-3160 Series User’s Guide 190.
NWA-3160 Series User’s Guide 191 C HAPTER 15 Rogue AP Detection 15.1 Overview Rogue APs are wireless access points oper at ing in a network’ s cover age area that are not under the control of the network’ s administr ators, and can open up holes in a network’ s securit y .
Chapter 15 Rogue AP Detection NWA-3160 Series User’s Guide 192 In the example above, a corpor ate networ k’ s security is comp romised by a r ogue AP ( R ) set up by an employ ee at his workst at ion in order to allow him to connect his notebook computer wirel essly ( A ).
Chapter 15 Rogue AP Detectio n NWA-3160 Series User’s Guide 193 The friend ly AP list d isplays detai ls of all the acc ess poin ts in your area tha t you know are not a threat. If you have more th an one AP in your network, you need to configure this list to include your other AP s.
Chapter 15 Rogue AP Detection NWA-3160 Series User’s Guide 194 This scenario can also be part of a wirele ss denial of s ervice (DoS) attack, in which associated wireless clients are deprived of network access. Other opportunities for the attacker include th e introduction of malware (malici ous software) into th e network.
Chapter 15 Rogue AP Detectio n NWA-3160 Series User’s Guide 195 15.2.1 Friendly AP Screen Use this screen to specif y APs as trusted. Click Rogue AP > Friendly AP . The following screen appears: Figure 1 1 1 Rogue AP Friendly AP The following table describes t he labels in this screen.
Chapter 15 Rogue AP Detection NWA-3160 Series User’s Guide 196 15.2.2 Rogue AP Screen Use this scren to dis play details of al l wireless access points within the NW A’ s cover age area. Click Rogue AP > Rogue AP . The following screen displa ys.
Chapter 15 Rogue AP Detectio n NWA-3160 Series User’s Guide 197 MAC Address This field displays the Medi a Access Control (MAC) address of the AP . All wireless devices have a MAC address that uniquely identifies them. SSID This field displays the Service Set IDentifier (also known as the networ k name) of the AP .
Chapter 15 Rogue AP Detection NWA-3160 Series User’s Guide 198.
NWA-3160 Series User’s Guide 199 C HAPTER 16 Remote Management Screens 16.1 Overview This chapter shows you how t o enable remote management of your NW A. It provides information on determining whic h services or protocols can access whic h of the NWA’ s interfaces.
Chapter 16 Remo te Management Scree ns NWA-3160 Series User’s Guide 200 16.1.1 What Y ou Can Do in the Remote Management Screens •U s e t h e Telnet screen (see Section 16.2 on page 202 ) to con figure through which interface(s) and from which IP address(es) y ou can use T elnet to manage the NWA.
Chapter 16 Remot e Management Screens NWA-3160 Series User’s Guide 201 Note: SNMP is only available if TCP/IP is con figured. Figure 1 14 SNMP Management Mode An SNMP managed network consists of two main types of component: agents and a manager . An agent is a management software module that resides in a ma naged de vice (the NWA).
Chapter 16 Remo te Management Scree ns NWA-3160 Series User’s Guide 202 System Timeout There is a default system management idle timeout of five minutes (three hundred seconds). The NWA automatically logs you out if the management session remains idle for longer t han this timeout period.
Chapter 16 Remot e Management Screens NWA-3160 Series User’s Guide 203 16.3 The FTP Screen Y ou can upload and download the NWA’ s firmware and configuration files using FTP .
Chapter 16 Remo te Management Scree ns NWA-3160 Series User’s Guide 204 T o change your NW A’ s FTP settings, click REMOTE MGMT > FTP . The following screen displays. Figure 1 16 Remote Manageme nt: FTP The following table describes t he labels in this screen.
Chapter 16 Remot e Management Screens NWA-3160 Series User’s Guide 205 T o change your NW A’ s WWW settings, click REMOTE MGNT > WWW . The following screen shows. Figure 1 17 Remote Manageme nt: WWW The following table describes t he labels in this screen.
Chapter 16 Remo te Management Scree ns NWA-3160 Series User’s Guide 206 Server P ort The HTTPS proxy server listens on port 443 by default. If you ch ange the HT TPS pro xy server port to a differen.
Chapter 16 Remot e Management Screens NWA-3160 Series User’s Guide 207 16.5 The SNMP Screen Use this screen to ha ve a manager stat ion administrate y our NW A over the network. T o change your NW A’ s SNMP settings, click REMOTE MGMT > SNMP . The following screen displays.
Chapter 16 Remo te Management Scree ns NWA-3160 Series User’s Guide 208 SNMP V ersion Select the SNMP version for the NWA. The SNMP version on the NWA must match the version on the SNMP manager . Choose SNMP version 1 ( SNMPv1 ), SNMP version 2 ( SNMPv2 ) or SNMP ve rsion 3 ( SNMPv3 ).
Chapter 16 Remot e Management Screens NWA-3160 Series User’s Guide 209 16.5.1 SNMPv3 User Profile Use this screen to configure the SNMPv3 profile. Click Conf igure SNMPv3 User Profile in the REMOTE MGMT > SNMP screen, the following screen displays.
Chapter 16 Remo te Management Scree ns NWA-3160 Series User’s Guide 210 16.6 T echnical Reference This section provi des some technical background informatio n about the topics covered in th is chapte r .
Chapter 16 Remot e Management Screens NWA-3160 Series User’s Guide 21 1 device. Examples of v ariables include such as number of packets received, node port status etc. A Management Information Base (MIB) is a collection of managed objects. SNMP itself is a si mple reques t/response protocol based on the manager/ agent model.
Chapter 16 Remo te Management Scree ns NWA-3160 Series User’s Guide 212 Some traps include an SNMP interface i n dex. The following table maps the SNMP interface indexes to the NW A’ s physical and virtual ports. authenticationF ailure (defined in RFC-1215 ) 1.
NWA-3160 Series User’s Guide 213 C HAPTER 17 Internal RADIUS Server 17.1 Overview This chapter describes how the NWA can use its internal RADIUS server to authenticate wireless clients. Remote A uthentication Dial In User Serv ice (RADIUS) is a protocol that enables you to control access to a network by aut henticating user credentials.
Chapter 17 Internal RADIUS Server NWA-3160 Series User’s Guide 214 17.1.1 What Y ou Can Do in this Chapter •U s e t h e Setting screen (see Section 17.2 on page 214 ) to turn the NWA’ s internal RADIUS server off or on an d to view information about the NWA’ s certificates.
Chapter 17 Internal RADIUS Server NWA-3160 Series User’s Guide 215 The following table describes t he labels in this screen. T able 62 Internal RADIUS Serve r Setting LABEL DESCRIPTION Active Select this to hav e the NWA use its internal RADIUS server to authenticate wireless clients or other APs.
Chapter 17 Internal RADIUS Server NWA-3160 Series User’s Guide 216 17.3 The T rusted AP Screen Use this screen to specif y APs as trusted. Click AUTH. SERVER > Trusted AP. The following screen displays. Figure 122 T rusted AP Scree n The following table describes t he labels in this screen.
Chapter 17 Internal RADIUS Server NWA-3160 Series User’s Guide 217 17.4 The T rusted Users Screen Use this screen to conf igure trusted user entries. Click AUTH. SERVER > Trusted Users . The following screen displays. Figure 123 T rusted Use rs The following table describes t he labels in this screen.
Chapter 17 Internal RADIUS Server NWA-3160 Series User’s Guide 218 17.5 T echnical Reference This section provi des some technical background informatio n about the topics covered in th is chapte r . A trusted AP is an AP that uses the NW A’ s internal RADI US server to a uthentica te its wireless client s.
Chapter 17 Internal RADIUS Server NWA-3160 Series User’s Guide 219 PEAP (Protected EAP) and MD5 authentica tion is implemented on the internal RADIUS server using simple username an d password methods o ver a secure TLS connection.
Chapter 17 Internal RADIUS Server NWA-3160 Series User’s Guide 220.
NWA-3160 Series User’s Guide 221 C HAPTER 18 Certificates 18.1 Overview This chapter describes how your NWA can use certificates as a means of authenticating wireless cl ients. It giv e s background information about public -key certificates and explains how to use them.
Chapter 18 Certificates NWA-3160 Series User’s Guide 222 18.1.2 What Y ou Need T o Know About Certificates The following terms and conc epts may he lp as you read through this chapter . The NWA also trusts an y valid certif icate signed by any of the imported trusted CA certificates.
Chapter 18 Certificates NWA-3160 Series User’s Guide 223 The following table describes t he labels in this screen. T able 65 Certificates > My Certificates LABEL DESCRIPTION PKI Storage Space in Use This bar displays the percentage of the NWA’ s PKI storage space that is currently in use.
Chapter 18 Certificates NWA-3160 Series User’s Guide 224 18.2.1 My Certificates Import Screen Use this screen to import a certificate from your local computer to the NWA. Note: Y ou can import only a certificate that ma tches a corresponding certification request that was generated by the NW A.
Chapter 18 Certificates NWA-3160 Series User’s Guide 225 Note: Y ou must remove any space s from th e certificate’s filena me before you can import it. Figure 127 Certificates > My Certif icates Import The following table describes t he labels in this screen.
Chapter 18 Certificates NWA-3160 Series User’s Guide 226 18.2.2 My Certificates Create Screen Use this screen to have the NW A create a se lf -signed certificate, enroll a certi ficate with a certification authority or generate a certification request.
Chapter 18 Certificates NWA-3160 Series User’s Guide 227 Common Name Select a radio button to id entify the certificate’ s owner by IP address, domain name or e-mail address. T ype the IP address (in dotted decimal notation), domain name or e-mail address in the field provided.
Chapter 18 Certificates NWA-3160 Series User’s Guide 228 After you cl ick Apply in the My Certificate Create screen, you see a screen that tells you the NWA is generating the s elf-signed certifica te or certific ation request .
Chapter 18 Certificates NWA-3160 Series User’s Guide 229 18.2.3 My Certificates Det ails Screen Use this screen to view in-depth ce rtificate information and change the certificate’ s name.
Chapter 18 Certificates NWA-3160 Series User’s Guide 230 The following table describes t he labels in this screen. T able 68 Certificates > My Certificate Details LABEL DESCRIPTION Name This field displa ys the identifying na me of this certificate.
Chapter 18 Certificates NWA-3160 Series User’s Guide 231 V alid From This field displays the date that the certificate becomes applicable. The text displays in red and includes a Not Y e t V alid! message if the certificate has not yet become applicable.
Chapter 18 Certificates NWA-3160 Series User’s Guide 232 18.3 T rusted CAs Screen Use this screen to view the list of trus t ed certificates. The NW A accepts an y val id certificate signed by a certi fication authorit y on this list as being trustworthy .
Chapter 18 Certificates NWA-3160 Series User’s Guide 233 18.3.1 T rusted CAs Import Screen Use this screen to sa ve a trusted certif ication authority’ s certifi cate to the NW A. Click Certificates > Trusted CAs to op en the Trusted CAs screen and then click Import to open the Trusted CAs Import screen.
Chapter 18 Certificates NWA-3160 Series User’s Guide 234 The following table describes t he labels in this screen. 18.3.2 T rusted CAs Deta ils Screen Use this screen to view in-depth inform ation a.
Chapter 18 Certificates NWA-3160 Series User’s Guide 235 The following table describes t he labels in this screen. T able 71 Certificates > T rusted CAs Details LABEL DESCRIPTION Name This field displays the identifying na me of this certificate.
Chapter 18 Certificates NWA-3160 Series User’s Guide 236 V alid T o This fie ld displays the date that the certificate expires. The text displays in red and includes an Ex piring! or Expired! message if the certificate is about to expire or has already expired.
Chapter 18 Certificates NWA-3160 Series User’s Guide 237 18.4 T echnical Reference This section provides technical background information about the topics cov ered in this chapter . 18.4.1 Private-Public Certificates When using public-k ey cryptology for auth entic ation, each host has two keys.
Chapter 18 Certificates NWA-3160 Series User’s Guide 238 18.4.3 Checking the Finger print of a Certificate A certificate’ s fingerprints are message di gests calcul ated using the MD5 or SHA1 algorithms. The following procedure describes how to check a certific ate’ s fingerpr int to verify that you h ave the actual certi ficate.
NWA-3160 Series User’s Guide 239 C HAPTER 19 Log Screens 19.1 Overview This chapter provides information on vi ewing and generating logs on y our NW A. Logs are files that contain recorded netw ork activity ov er a set period. They are used by administr ators to monitor the he alth of the computer system(s) they are managing.
Chapter 19 Log Scre ens NWA-3160 Series User’s Guide 240 •U s e t h e Log Settings screen ( Section 19.3 on page 242 ) to configure where and when the NWA wi ll send the logs, and which logs and/or immed iate alerts it will send.
Chapter 19 Log Screens NWA-3160 Series User’s Guide 241 Click Logs > V iew Log . The followi ng screen displays. Figure 136 Logs > V iew Log The following table describes t he labels in this screen.
Chapter 19 Log Scre ens NWA-3160 Series User’s Guide 242 19.3 The Log Settings Screen Use this screen to configure w here an d when the NWA wi ll send the logs, and which logs and/or immediat e alerts to send. Click Logs > Log Settings . The following screen displa ys.
Chapter 19 Log Screens NWA-3160 Series User’s Guide 243 The following table describes t he labels in this screen. T able 73 Logs > Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e- mail addresses specified below.
Chapter 19 Log Scre ens NWA-3160 Series User’s Guide 244 19.4 T echnical Reference This section provi des some technical background informatio n about the topics covered in th is chapte r . 19.4.1 Example Log Messages This section provi des descriptions of some example log mes sages.
Chapter 19 Log Screens NWA-3160 Series User’s Guide 245 T able 75 ICMP Notes TYPE CODE DESCRIPTION 0 Echo Reply 0 Echo reply message 3 Destination Unreachable 0 Net unreachable 1 Hos t unrea chabl e.
Chapter 19 Log Scre ens NWA-3160 Series User’s Guide 246 19.4.2 Log Commands Go to the command interpre ter interface (ref er to Appendix E on page 357 for a discussion on how to access and use the command s).
Chapter 19 Log Screens NWA-3160 Series User’s Guide 247.
Chapter 19 Log Scre ens NWA-3160 Series User’s Guide 248.
NWA-3160 Series User’s Guide 249 C HAPTER 20 VLAN 20.1 Overview This chapter discusses how to conf igure VLAN on the NWA. A VLAN (Virtual Local Area Network) allo ws a ph ysical network to be partitioned into multiple logi cal networks. Stations on a logical network can belong to one or more groups.
Chapter 20 VLAN NWA-3160 Series User’s Guide 250 20.1.2 What Y ou Need T o Know About VLAN The following terms and conc epts may he lp as you read through this chapter . When you use wireless VLAN an d RADIUS VLAN together , the NWA f irst tries to assign VLAN IDs based on RADIUS VLAN co nfigur ation.
Chapter 20 VLAN NWA-3160 Series User’s Guide 251 20.2 Wireless VLAN Screen Use this scre en to enable and configur e your Wireless V irtual LAN s etup.
Chapter 20 VLAN NWA-3160 Series User’s Guide 252 20.2.1 RADIUS VLAN Screen Use this screen to configure your RADIUS Virtual LAN setup. Y o ur RADIU S server assigns VLAN IDs to a user or user group’ s tr affic based on what y ou set in this screen.
Chapter 20 VLAN NWA-3160 Series User’s Guide 253 Click VLAN > RADIUS V LAN . The following screen appears. Figure 140 VLAN > RADIUS VLAN The following table describes t he labels in this screen.
Chapter 20 VLAN NWA-3160 Series User’s Guide 254 20.3 T echnical Reference This section provi des some technical background information and configur ation examples about the t opics covered in this chapter . 20.3.1 VLAN T agging The NWA support s IEEE 802.
Chapter 20 VLAN NWA-3160 Series User’s Guide 255 On an Ethernet switch, create a VLAN th at has the same management VLAN ID as the NWA. The following figure has the NW A connected to port 2 and your computer connected to port 1. The management VLAN ID i s 10.
Chapter 20 VLAN NWA-3160 Series User’s Guide 256 8 Click Apply . The following screen displays. Figure 143 VLAN-A ware Switch 9 Click VLAN St atus to displa y the following screen. Figure 144 VLAN-A ware Switch - VLAN S tatus Fol low the instructions in the Quick Start Gui de to set up your NW A for configuration.
Chapter 20 VLAN NWA-3160 Series User’s Guide 257 3 Click Apply . Figure 145 VLAN Setup 4 The NWA attempts to connect with a VLAN-aware device. Y ou can now access and mange the NW A though the Ethernet switch. Note: If you do not connect the NW A to a correctly configured VLAN-aware device, you will lock yourself out of the NW A.
Chapter 20 VLAN NWA-3160 Series User’s Guide 258 Z yXEL uses the following standard RADIUS attributes returned from Microsoft’ s IAS RADIUS service to place the wirele ss station into the correct .
Chapter 20 VLAN NWA-3160 Series User’s Guide 259 1c Select the Security Group type par ameter check box. 1d Click OK . Figure 146 New Global Security Group 2 In VLAN Group ID Properties , click the Members tab. Note: The IAS uses group membership s to determine which user accounts belong to which VLAN groups.
Chapter 20 VLAN NWA-3160 Series User’s Guide 260 1 Using the Remote Access Policy option on the Internet Authentication Service management interface, create a new VLAN P olicy for each VLAN Group defi ned in the previous section. The or der of the remote access policies is important.
Chapter 20 VLAN NWA-3160 Series User’s Guide 261 3 In the Select Attribute screen, cli ck Windows-Groups and the Add button. Figure 149 S pecifying Windows-Group Condition 4 The Select Groups window displays. Select a remote access policy and click the Add button.
Chapter 20 VLAN NWA-3160 Series User’s Guide 262 6b Click the Edit Profile button. Figure 151 Granting Permissions a nd User Profile Screens 7 The Edit Dial-in Profile screen displays. Click the Authentication tab and select the Extensible Authentication Protocol check box.
Chapter 20 VLAN NWA-3160 Series User’s Guide 263 8 Click the Encryption tab. Select the Strongest encryption option. This step is not required for EAP-MD5, but is performed as a safeguard. Figure 153 Encryp tion T ab Settings 9 Click the IP tab and select the Client may request an IP address check box for DHCP support.
Chapter 20 VLAN NWA-3160 Series User’s Guide 264 11 The RADIUS Attribute screen displa ys. From the list, three RADIUS att ributes will be added: • T unnel-Mediu m- T ype • T unnel-Pvt-Group-ID • T unnel- T ype 11 a Click the Add button 11 b Select Tunnel-Medium-Type 11 c Click the Add button.
Chapter 20 VLAN NWA-3160 Series User’s Guide 265 13 Return to the RADIUS Attribute Screen shown as Figure 155 on page 264 . 13a Select Tunnel-Pvt-Group-ID.
Chapter 20 VLAN NWA-3160 Series User’s Guide 266 16b Click OK . Figure 158 VLAN Attribute Setting for T unnel-T ype 17 Return to the RADIUS Attribute Screen shown as Figure 155 on page 264 . 17a Click the Close button. 17b The completed Advanced tab configu ration should re semble the fol lowing screen.
Chapter 20 VLAN NWA-3160 Series User’s Guide 267 20.3.4 Second Rx VLAN ID Example In this example, the NWA is configured to tag packets from SSID01 with VLAN ID 1 and tag packets from SSID02 with VLAN ID 2. VLAN 1 and VLAN 2 ha ve access to a server , S , and the Internet, as shown in the following figure.
Chapter 20 VLAN NWA-3160 Series User’s Guide 268 2 Click VLAN > Wireless VLAN . 3 If VLAN is not already enabled, click Enable Virtual LAN and se t up the Management VLAN ID (see Section 20.
NWA-3160 Series User’s Guide 269 C HAPTER 21 Load Balancing 21.1 Overview Wireless load balancing is the process whereby you limit the number of connections allowed on an wireless access point (AP) or you limit the amount of wireless tr affic transmi tted and received on it.
Chapter 21 Load Balancing NWA-3160 Series User’s Guide 270 Imagine a coffee shop in a crowded business distri ct that offers free wireless connectivity to i ts customers. The coffee shop owner can’t possibly know how many connections his NWA will hav e at an y given moment.
Chapter 21 L oad Balancing NWA-3160 Series User’s Guide 271 The requirements for load balancing are fairly straight forw ard and should be met in order for a group of similar NWAs to tak e advantage of the feature: • They should all be within the same subnet.
Chapter 21 Load Balancing NWA-3160 Series User’s Guide 272 21.2.1 Disassociating and Delaying Connections When your AP becomes ov erloaded, th ere are two basic responses it can take.
Chapter 21 L oad Balancing NWA-3160 Series User’s Guide 273 can afford the bandwidth for it or the red la pt op is picked up by a different AP that has bandwidth to spare. Figure 164 Delaying a Co nnection The second response your AP can take is to kick the con nections tha t are pushing it ov er its balanced bandwi dth allotment.
Chapter 21 Load Balancing NWA-3160 Series User’s Guide 274.
NWA-3160 Series User’s Guide 275 C HAPTER 22 Dynamic Channel Selection 22.1 Overview This chapter discusses how to configure dynamic channel selection on the NWA.
Chapter 22 Dynamic Channel Selection NWA-3160 Series User’s Guide 276 In this example, if the NW A attempts t o broadcast on channels 1, 6, or 11 it is met with cross-channel interf erence from the othe r AP that shares the channel.
Chapter 22 Dynamic Channel Selection NWA-3160 Series User’s Guide 277 DCS Sensitivity Level Select the NWA’ s sensitivity level toward other channels. Options are High , Medium , and Low . Generally , as long as the area in which your NWA is located has minimal interference from other devices you can set the DCS Sensitivity Level to Low .
Chapter 22 Dynamic Channel Selection NWA-3160 Series User’s Guide 278.
NWA-3160 Series User’s Guide 279 C HAPTER 23 Maintenance 23.1 Overview This chapter describes the maintenance screens. It discusses how y ou can view the association list and channel us age, upload new firmware, manage configur ation and restart y our NW A without turning it off and on.
Chapter 23 Maintenance NWA-3160 Series User’s Guide 280 23.2 Association List Screen Use this screen to know which wireless cl ients are associated with the NW A. Click Maintenance > Association List . The following screen displays. Figure 168 Association L ist The following table describes t he labels in this screen.
Chapter 23 Maintenance NWA-3160 Series User’s Guide 281 23.3 Channel Usage Screen Use this screen to see what channel the wireless clients are using to associate with the NWA, as well as the signal strength and network mode. Click Maintenance > Channel Usage .
Chapter 23 Maintenance NWA-3160 Series User’s Guide 282 23.4 F/W Upload Screen Use this screen to upload firmware to y our NWA. Click MAINTENANCE > F/W Up load . The following screen displays. Figure 170 F/W Upload The following table describes t he labels in this screen.
Chapter 23 Maintenance NWA-3160 Series User’s Guide 283 The NWA automatic ally restarts in th is time causing a tempor ary network disconnect. In some oper ating systems, y ou may see the following icon on your desktop.
Chapter 23 Maintenance NWA-3160 Series User’s Guide 284 23.5 Configuration Screen Use this screen backup or upload your NW A’ s configur ation file. Y ou can also reset the configuratio n of your device in this screen. Click Maintenance > Configuration .
Chapter 23 Maintenance NWA-3160 Series User’s Guide 285 23.5.2 Restore Configuration Restore configur ation allows you to upload a new or previously saved configur ation file from your computer to y our NW A. Do not turn off the NW A while co nfiguration file upload is in progress.
Chapter 23 Maintenance NWA-3160 Series User’s Guide 286 If the upload was not successful, the following screen will appear . Click Return to go back to the Configuration screen.
287 P ART III Appendices and Index T roubleshooting (289) Product Specifications (297) P ower Adaptor Specifications (247) Setting up Y our Computer’s IP Add ress (249) Wireless LANs (303) P op-up W.
288.
NWA-3160 Series User’s Guide 289 C HAPTER 24 Troubleshooting 24.1 Overview This chapter offers some suggesti ons to solve problems you mi ght encounter .
Chapter 24 Trou bleshooting NWA-3160 Series User’s Guide 290 • Inspect your cables f or damage. Contact the vendor to replace an y damaged cables. • Disconnect and re-connect the power adaptor to the NW A. • If the problem co ntinue s, contact th e vendor .
Chapter 24 Trou bleshooting NWA-3160 Series User’s Guide 291 • The default password is 1234 . • If this does not work, you ha ve to rese t the device to its factory def aults. See Section 2.3 on page 36 . I cannot see or access the Login screen in the web configurator .
Chapter 24 Trou bleshooting NWA-3160 Series User’s Guide 292 • Disconnect and re-connect the po wer adaptor or cord to the NWA. • If this does not work, you ha ve to rese t the device to its factory def aults. See Section 2.3.1 on page 36 . I cannot access the NW A via the console port.
Chapter 24 Trou bleshooting NWA-3160 Series User’s Guide 293 The secondary controller AP’s wireless profiles do not appear in my wireless network. In case you have both primary and secondary controller APs in the netwo rk, the secondary controller AP’ s WLAN r adio is turned off as long as the primary controller AP is turned on.
Chapter 24 Trou bleshooting NWA-3160 Series User’s Guide 294 24.5 Internet Access I cannot access the Internet. • Check the hardware connecti ons, and mak e sure the LEDs are behavi ng as expected. See the Quick Start Guide and Section 24.2 on page 289 .
Chapter 24 Trou bleshooting NWA-3160 Series User’s Guide 295 Check the settings for QoS . If it is disabl ed, you might co nsider activ ating it. If it is enabled , you might consid er raising or lowering the pr iority for som e applications. 24.6 Wireless Router/AP T roubleshooting I cannot access the NW A or ping any computer from the WLAN.
Chapter 24 Trou bleshooting NWA-3160 Series User’s Guide 296.
NWA-3160 Series User’s Guide 297 C HAPTER 25 Product S pecifications The following tables summarize the NW A’ s hardware and firmwa re features. T able 87 Hardware Specifications P ower Specification 12 V DC , 1.5 A R eset button Returns all settings to their factory defaults.
Chapter 25 Product Specifications NWA-3160 Series User’s Guide 298 Output Power IEEE 802.11a: 5150-5250 Using single antenna: 12dBm IEEE 802.11a: 5250 - 5850 Using single antenna:18dbm IEEE 802.11b Using single antenna: 17dBm IEEE 802.11g Using single antenna: 14dBm IEEE 802.
Chapter 25 Product Specifications NWA-3160 Series User’s Guide 299 T able 88 Firmware Specif ications Default IP Address 192.168.1.2 Default Subnet Mask 255.255.255.0 (2 4 bits) Default P assword 1 234 Wireless LAN Standards (NWA -3160, NWA -3163) IEEE 802.
Chapter 25 Product Specifications NWA-3160 Series User’s Guide 300 25.1 W all-Mounting Instructions Complete the following steps to hang y our NWA on a w all. Note: See T able 25 on page 297 for the size of screws to use and how far a part to place them.
Chapter 25 Product Specifications NWA-3160 Series User’s Guide 301 5 Align the holes on the back of the NWA with the screws on the wall. Hang the NWA on the screws. Figure 180 W all-mounting Example The following are dimensions of an M4 tap screw and masonry plug used for wall mounting.
Chapter 25 Product Specifications NWA-3160 Series User’s Guide 302.
NWA-3160 Series User’s Guide 303 A PPENDIX A W ireless LANs Wireless LAN T opologies This section discuss es ad-hoc and infr astructure wi reless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configur ation is an in dependent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B , C).
Appendix A Wireless LANs NWA-3160 Series User’s Guide 304 with each other . When Intra-BS S is disabled, wireless cli ent A and B can still access the wired network but cannot communicate with eac h other .
Appendix A Wir eless LANs NWA-3160 Series User’s Guide 305 An ESSID (ES S IDentification) uniquely id entifies each ESS . All access points and their associated wirel ess clients within the same ESS must have the same ESSID in order to comm unicate.
Appendix A Wireless LANs NWA-3160 Series User’s Guide 306 RTS/CTS A hidden node occurs when two stations are within r ange of the same access point, but are not within ra nge of each other .
Appendix A Wir eless LANs NWA-3160 Series User’s Guide 307 network overhead involv ed in the R TS (R equest T o Send)/CTS (Clear to Send) handshake. If the RTS/CTS v alue is greater than the Fragmen.
Appendix A Wireless LANs NWA-3160 Series User’s Guide 308 Note: The AP and the wireless adapters MUST use the same preamble mode in order to communicate. IEEE 802.1 1g Wireless LAN IEEE 802.11g is fully compatible with th e IEEE 802.11b standard. This means an IEEE 802.
Appendix A Wir eless LANs NWA-3160 Series User’s Guide 309 The following figure shows the relative ef fectiveness of these wireless security methods av ailable on your NW A. Note: Y ou must enable the same wireless security settings on the NW A and on all wireless clients that you want t o associate with it.
Appendix A Wireless LANs NWA-3160 Series User’s Guide 310 • Authorization Determin es the network services availabl e to authenticated users once they are connected to the network. •A c c o u n t i n g K eeps track of the client’ s network activity .
Appendix A Wir eless LANs NWA-3160 Series User’s Guide 31 1 EAP (Extensible Authenticati on Protocol) is an authentication prot ocol that runs on top of the IEEE 802.
Appendix A Wireless LANs NWA-3160 Series User’s Guide 312 T TLS supports EAP methods and legacy au thentication methods such as P AP , CHAP , MS-CHAP and MS-CHAP v2.
Appendix A Wir eless LANs NWA-3160 Series User’s Guide 313 WP A and WP A2 Wi-Fi Protected Ac cess (WPA ) is a subset of the IEEE 802.11i standard. WP A2 (IEEE 802.11i) is a wireless se curity standard that defi nes stronger encryption, authentication and key management than WPA.
Appendix A Wireless LANs NWA-3160 Series User’s Guide 314 The Message Integrity Check (MIC) is de signed to prevent an attacker from capturing data pack ets, altering them and resending them. The MIC pro vides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC.
Appendix A Wir eless LANs NWA-3160 Series User’s Guide 315 The Windows XP patch is a free download that adds WP A capabili ty to Windows XP's built-in "Z ero Configur ation" wirele ss client. Howev er , you must run Windows XP to use it.
Appendix A Wireless LANs NWA-3160 Series User’s Guide 316 1 First enter identical passwords into the AP and all wireless client s. The Pre-Shared K ey (PSK) must consist of between 8 an d 63 ASCII characters or 64 hexadecimal characters (including spaces and symbols).
Appendix A Wir eless LANs NWA-3160 Series User’s Guide 317 Antenna Overview An antenna couples RF signals onto air . A tr ansmitter within a wireless device sends an RF signal to the antenna, whic h propagates the signal through the air . The antenna also operates in reverse by capturing RF signals from the air .
Appendix A Wireless LANs NWA-3160 Series User’s Guide 318 antenna is a theoretical perfect antenna that sends out rad io signals equally well in all directions. dBi represents the t r ue gain that the antenna provides. T ypes of Antennas for WLAN There are two types of antennas used for wireless LAN applications.
NWA-3160 Series User’s Guide 319 A PPENDIX B Pop-up Windows, JavaScript s and Java Permissions In order to use the web configurator you need to allow: • W eb browser pop-up wind ows from your device. • Jav aScripts (enabled by defa ult). • Jav a permissions (enabled by default).
Appendix B Po p-up Window s, JavaScrip ts and Java Permissions NWA-3160 Series User’s Guide 320 1 In Internet Explorer , select Tools , Internet Options , Privacy . 2 Clear the Block pop-ups check box in the Pop-up Bloc ker section of the screen. This disables an y web pop-up block ers you may have enabled.
Appendix B Pop-u p Windows, JavaScripts and Java Permissions NWA-3160 Series User’s Guide 321 2 Select Settings… to open the Pop-up Blocker Settings screen. Figure 190 Internet Options: Privacy 3 T ype the IP address of your device (the web page that you do not want to have blocked) wi th the prefix “http://” .
Appendix B Po p-up Window s, JavaScrip ts and Java Permissions NWA-3160 Series User’s Guide 322 4 Click Add to mov e the IP address to the list of Allowed sites . Figure 191 Pop-up Blo cker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting .
Appendix B Pop-u p Windows, JavaScripts and Java Permissions NWA-3160 Series User’s Guide 323 1 In Internet Explorer , click Tools , Internet Options and then the Security tab. Figure 192 Internet Options: Secu rity 2 Click the Custom Level... bu tton.
Appendix B Po p-up Window s, JavaScrip ts and Java Permissions NWA-3160 Series User’s Guide 324 6 Click OK to close the window . Figure 193 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer , click Tools , Internet Options and then the Se curity tab.
Appendix B Pop-u p Windows, JavaScripts and Java Permissions NWA-3160 Series User’s Guide 325 5 Click OK to close the window . Figure 194 Security Settings - Java JA V A (Sun) 1 From Internet Explorer , click Tools , Internet Options and then the Ad vanced tab.
Appendix B Po p-up Window s, JavaScrip ts and Java Permissions NWA-3160 Series User’s Guide 326 3 Click OK to close the window . Figure 195 Java (Sun).
NWA-3160 Series User’s Guide 327 A PPENDIX C IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify indi vidual devices on a network. Every networking device (including computers, serv ers, routers, printers, etc.
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 328 The following figure shows an example IP address in which the first three octets (192.
Appendix C IP Addresses and Subnetting NWA-3160 Series User’s Guide 329 By conv ention, subnet masks alw ays cons ist of a continuous sequence of ones beginning from the leftmost bit of the mask, followed by a continuous sequence of zeros, for a total number of 32 bits.
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 330 As these two IP addresses cannot be us ed for individual hosts, calculat e the maximum number of possible host s in a network.
Appendix C IP Addresses and Subnetting NWA-3160 Series User’s Guide 331 Subnetting Y ou can use subnetting to divide one netw ork into multiple sub-networks. In the following example a network administrator creates t wo sub-networks to isolate a group of servers from the rest of th e compan y network for security reasons.
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 332 The following figure shows the company network after subnet ting. There are now two sub-n etworks, A and B .
Appendix C IP Addresses and Subnetting NWA-3160 Series User’s Guide 333 Each subnet contains 6 host ID bit s, giving 2 6 - 2 or 62 hosts f or each subnet (a host ID of all zeroes i s the subnet it self , all ones is the subnet’ s broadcast address).
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 334 Example: Eight Subnet s Similarly , use a 27-bit mask to create eig ht subnets (000, 001, 010, 011, 100, 101, 110 and 111). The following table shows IP address last octet values for each sub net.
Appendix C IP Addresses and Subnetting NWA-3160 Series User’s Guide 335 The following table is a summary for subnet planning on a network with a 16-bit network number . Configuring IP Addresses Where you obtain your network number depends on your particular situation.
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 336 you entered. Y ou don't need to change the subnet mask computed by the NW A unless you are instructed to do otherwise. Private IP Addresses Every machine on the In ternet must ha ve a uni que address.
Appendix C IP Addresses and Subnetting NWA-3160 Series User’s Guide 337 Windows 95/98/Me Click Start , Settings , Control Panel and double-click the Network icon to open the Network window Figure 199 WIndows 95/98/Me: Netwo rk: Configuration Inst alling Component s The Network window Configuration tab displays a list of installed components.
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 338 3 Select Microsoft from the list of manufacturers . 4 Select TCP/IP from the list of network protocols and then click OK . If you need Client for Microsoft Networks: 1 Click Add .
Appendix C IP Addresses and Subnetting NWA-3160 Series User’s Guide 339 3 Click the DNS Configuration tab. • If you d o not know your DN S information, select Disable DN S . • If you know y our DNS information, select Enable DNS and type the information in the fields below (y ou may not need to fill them all in).
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 340 3 Select your network adapter . Y ou should see your computer's IP address, subnet mask and default gatewa y . Windows 2000/NT/XP 1 For Windows XP , click start , Control Panel .
Appendix C IP Addresses and Subnetting NWA-3160 Series User’s Guide 341 3 Right-cli ck Local Area Connection and then click Properties . Figure 204 Windows XP: Control Panel: Ne twork Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the Ge neral tab in Win XP) and click Properties .
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 342 • If you hav e a static IP address click Use the following IP Address and fill in the IP address , Subnet mask , and Default gateway fields.
Appendix C IP Addresses and Subnetting NWA-3160 Series User’s Guide 343 •C l i c k Obtain DNS server address automatically if you do not know your DNS server IP address(es ).
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 344 Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double -click TCP/IP to open the TCP/ IP Control Panel .
Appendix C IP Addresses and Subnetting NWA-3160 Series User’s Guide 345 2 Select Ethernet built-in from the Connect via list. Figure 209 Macintosh OS 8/9: TCP/IP 3 For dynamically ass igned settings, select Using DHCP Server from the Configure: list.
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 346 Macintosh OS X 1 Click the Apple menu, and click System Preferences to open the System Preferences window . Figure 210 Macintosh OS X: Apple Menu 2 Click Networ k in the icon ba r .
Appendix C IP Addresses and Subnetting NWA-3160 Series User’s Guide 347 •F r o m t h e Configure box, select Manually . • T ype your IP address in the IP Address box. • T ype your subnet mask in the Subnet mask bo x. • T ype the IP address of your NWA in the Ro uter address box.
Appendix C IP Addresses a nd Subnetting NWA-3160 Series User’s Guide 348.
NWA-3160 Series User’s Guide 349 A PPENDIX D T ext File Based Auto Configuration This chapter describes how administ rators can use text confi guration files to configure the wireless LAN setti ngs for multiple APs.
Appendix D Text File Ba sed Auto Configuration NWA-3160 Series User’s Guide 350 Y ou can have a different configuration file for each AP . Y ou can also hav e multiple APs use the same configur ation file.
Appendix D Text File Based Auto Configuration NWA-3160 Series User’s Guide 351 V erifying Y our Configuration File Upload V ia SNMP Y ou can use SNMP management software to display the configuration file v ersion currently on the device by using the foll owing MIB.
Appendix D Text File Ba sed Auto Configuration NWA-3160 Series User’s Guide 352 The AP igno res any imprope rly forma tte d commands and continues to check the next line.
Appendix D Text File Based Auto Configuration NWA-3160 Series User’s Guide 353 Figure 215 802.1X Configura tion File Example Figure 216 WP A-PSK Configuration File Example !#ZYXEL PROWLAN !#VERSION .
Appendix D Text File Ba sed Auto Configuration NWA-3160 Series User’s Guide 354 Figure 217 WP A Configuration File Example Wlan Command Configuration File Example This example configur ation file us.
Appendix D Text File Based Auto Configuration NWA-3160 Series User’s Guide 355 commands that create security and S SID pr ofiles before the commands that tell the AP to use thos e profiles.
Appendix D Text File Ba sed Auto Configuration NWA-3160 Series User’s Guide 356.
NWA-3160 Series User’s Guide 357 A PPENDIX E How to Access and Use the CLI This chapter introduces the command line interface ( CLI). Accessing the CLI Use any of the following methods t o access the CLI. Console Port Y ou can use this method if your NWA has a console port.
Appendix E Ho w to Access a nd Use the C LI NWA-3160 Series User’s Guide 358 2 Open a T elnet session to the NWA’ s IP addres s. If this is your first logi n, use the default v alues. Make sure your computer IP address is in the same subnet, unless you are accessing the NW A through one or more ro uters.
Appendix E How to Access and Use the CLI NWA-3160 Series User’s Guide 359 • Commands are in courier new font . • R equired input v alues are in angle brackets <>; for example, ping < ip- address > means that y ou must specify an IP address for this c ommand.
Appendix E Ho w to Access a nd Use the C LI NWA-3160 Series User’s Guide 360 Copy and Paste Commands Y ou can copy and paste commands directly fr om this document into y our terminal emulation console window (such as HyperT erminal). Use right- click (not [CTRL]- [V]) to paste your command into the console window as shown next.
Appendix E How to Access and Use the CLI NWA-3160 Series User’s Guide 361 Saving Y our Configuration In the NWA some commands are saved as you run them and others require y ou to run a sav e command. See the related section of this guide to see if a sav e command is required.
Appendix E Ho w to Access a nd Use the C LI NWA-3160 Series User’s Guide 362.
NWA-3160 Series User’s Guide 363 A PPENDIX F Legal Information Copyright Copyright © 2010 by Z yXEL Communications Corpor ation. The contents of this publication ma y not be reproduced in any p art.
Appendix F L egal Informati on NWA-3160 Series User’s Guide 364 • This device must acce pt any interf erence received, including interference that may cause undesired operations. This device has been tested and found to comply with the limits for a Clas s B digital device pursuant to P art 15 of th e FCC Rules.
Appendix F Legal Information NWA-3160 Series User’s Guide 365 前項合法通信,指依電信規定作 業之無線電信。低功率射頻電機須 忍 受合法通信或工業、科學及醫療 .
Appendix F L egal Informati on NWA-3160 Series User’s Guide 366 Note Re pair or replacement, as provided under this wa rranty , is the excl usive remedy of the purchaser . This warranty is in lieu of all other warr anties, express or implied, including any implied w arranty of merchantabilit y or fitness for a particular use or purpose.
Index NWA-3160 Series User’s Guide 367 Index A access 24 access point 24 access privileges 29 accessing the CLI 357 address 11 0 address assignment 11 0 , 189 address filtering 23 administrator authentication on RADIUS 11 7 Advanced Encryption Standard See AES.
Index NWA-3160 Series User’s Guide 368 D default 286 DFS 145 Differentiated Services 157 DiffServ 156 DiffServ Code P oint (DSCP) 157 DiffServ Code P oints 157 DiffServ marking rule 157 dimensions 2.
Index NWA-3160 Series User’s Guide 369 log descriptions 244 login 358 logs 239 M MAC address 23 , 178 , 183 MAC address filter action 186 MAC filter 30 MAC filtering 299 maintenance 23 management 23.
Index NWA-3160 Series User’s Guide 370 reset button 297 restore 285 roaming 146 requirements 147 rogue AP 23 , 193 , 194 , 195 root bridge 144 RT S (Request T o Send) 306 threshold 306 , 307 S safet.
Index NWA-3160 Series User’s Guide 371 wireless client WPA supplicants 314 Wireless Distribution System (WDS) 28 wireless Internet connection 24 wireless LAN 295 wireless security 29 , 159 , 295 , 3.
Index NWA-3160 Series User’s Guide 372.
Ein wichtiger Punkt beim Kauf des Geräts ZyXEL NWA-3166 (oder sogar vor seinem Kauf) ist das durchlesen seiner Bedienungsanleitung. Dies sollten wir wegen ein paar einfacher Gründe machen:
Wenn Sie ZyXEL NWA-3166 noch nicht gekauft haben, ist jetzt ein guter Moment, um sich mit den grundliegenden Daten des Produkts bekannt zu machen. Schauen Sie zuerst die ersten Seiten der Anleitung durch, die Sie oben finden. Dort finden Sie die wichtigsten technischen Daten für ZyXEL NWA-3166 - auf diese Weise prüfen Sie, ob das Gerät Ihren Wünschen entspricht. Wenn Sie tiefer in die Benutzeranleitung von ZyXEL NWA-3166 reinschauen, lernen Sie alle zugänglichen Produktfunktionen kennen, sowie erhalten Informationen über die Nutzung. Die Informationen, die Sie über ZyXEL NWA-3166 erhalten, werden Ihnen bestimmt bei der Kaufentscheidung helfen.
Wenn Sie aber schon ZyXEL NWA-3166 besitzen, und noch keine Gelegenheit dazu hatten, die Bedienungsanleitung zu lesen, sollten Sie es aufgrund der oben beschriebenen Gründe machen. Sie erfahren dann, ob Sie die zugänglichen Funktionen richtig genutzt haben, aber auch, ob Sie keine Fehler begangen haben, die den Nutzungszeitraum von ZyXEL NWA-3166 verkürzen könnten.
Jedoch ist die eine der wichtigsten Rollen, die eine Bedienungsanleitung für den Nutzer spielt, die Hilfe bei der Lösung von Problemen mit ZyXEL NWA-3166. Sie finden dort fast immer Troubleshooting, also die am häufigsten auftauchenden Störungen und Mängel bei ZyXEL NWA-3166 gemeinsam mit Hinweisen bezüglich der Arten ihrer Lösung. Sogar wenn es Ihnen nicht gelingen sollte das Problem alleine zu bewältigen, die Anleitung zeigt Ihnen die weitere Vorgehensweise – den Kontakt zur Kundenberatung oder dem naheliegenden Service.