22Mbps Wireless LAN Access Point
Contents
1. System Restore Automatic Updates Remote General Computer Name Hardware Advanced Add Hardware Wizard The Add Hardware Wizard helps you install hardware Add Hardware wizard Device Manager The Device Manager lists all the hardware devices installed on your computer Use the Device Manager to change the properties of any device Hardware Profiles a Hardware profiles provide a way for you to set up and store different hardware configurations Hardware Profiles Cancel Apply Device Manager File Action View Help Sse 23 24 H a TEST 13 J Computer Gee Disk drives a Display adapters ci DYDICD ROM drives ey Floppy disk controllers A Floppy disk drives ey IDE ATA ATAFI controllers B gt Keyboards EY Mice and other pointing devices amp Monitors 2 Network adapters EF AEE E g Update Driver Intel R PROM ap reer i Disable E Other devices E PCMCIA adapters Ports COM amp LPT I J Processo Sound Msand Properties System devices Universal Serial Bus controllers Opens property sheet For the current selection ct ct ce m 43 Baky 2AM WLAN Adapter Properties IK Check and make sure that the network General Advanced Driver Resources Power M2. Automatic Certificate Request i Computer Configuration ca C Software Settings Windows Settings z Automatic Certificate Request nterprise Trust IP Security Policies on Active Directory o H E Administrative Templates Refresh El gfe User Configuration Export List H E Software Settings J Windows Settings H Administrative Templates View Help Create anew Automatic Certificate Request object and add it to the Security Configuration Editor 17 The Automatic Certificate Request Setup Wizard will guide you through the Automatic Certificate Request setup simply click Next through to the last step Automatic Certificate Request Setup Wizard x Certificate Template The nest time a computer logs on a certificate based on the template you select 1s provided 4 certificate template is a set of predefined properties for certificates issued to computers Select a template from the following list Certificate templates Mame _Intended Purposes o Computer Client Authentication Server 4uthenticatior Domain Controller Client Authentication Server 4uthenticatior Enrollment Agent Computer Certificate Request Agent IFSEC 1 3 6 1 5 5 8 2 2 a Cancel 18 Click Finish to complete the Automatic Certificate Request Setup 19 Go to Start
3. Opens property sheet for the current selection 102 52 Goto Authentication tab 53 Enable Extensible Authentication Protocol 54 Select MD5 Challenge for EAP type Edit Dial in Profile Moscs fice 103 APPENDIX D GLOSSARY Access Point An internetworking device that seamlessly connects wired and wireless networks Ad Hoc An independent wireless LAN network formed by a group of computers each with an network adapter AP Client One of the additional AP operating modes offered by 22mbps Access Point which allows the Access Point to act as an Ethernet to Wireless Bridge thus a LAN or a single computer station can join a wireless ESS network through it Authentication Type Indication of an authentication algorithm which can be supported by the Access Point 1 Open System Open System authentication is the simplest of the available authentication algorithms Essentially it is a null authentication algorithm Any station that requests authentication with this algorithm may become authenticated if 802 11 Authentication Type at the recipient station is set to Open System authentication 2 Shared Key Shared Key authentication supports authentication of stations as either a member of those who knows a shared secret key or a member of those who does not Backbone The core infrastructure of a network which transports information from one central location to another where the infor
4. Click OK to close the window with the changes made Select Use the following IP address Enter the IP address and subnet mask fields Enter the IP address of the Router in the Default gateway field Enter the IP address of the Router inthe DNS server field Click Ok to close the window Internet Protocol TCP IP Properties ae 5 ajx General ou can get IF settings assigned automatically if your network supports this capability Uthenwse you need to ask pour network administrator for the appropriate IP settings F address Subnet mask Detaulh gateway f Obtain ONS server address automatically Use the following DNS server addresses Advanced asp Cancel Y r e e r Thos Tris E P f coli TCP IP Pe aftie 7 x anh al we S gt Ki ni Prefered DHS serer Alternate DHS server General You can get IF settings agsigned automatically if your network supports this capability Othenawise you need to ask your network administrator for the appropriate IP settings IP address 192 168 1 2 255 255 255 0 Subnet mask Detault gateway f Obtain ONS server address automatically f Use the following DNS server agere Preferred DNS server Alternate ONS server 58 Wireless Network In Windows 98 and Windows ME Go to Start menu gt Settings gt Control Panel gt Double click on Network Sel
5. IEEE 802 11 standard The 22mbps Wireless Access Point supports 64 128 256 bit shared key for WEP Would the information be transmitted securely in the air WLAN offers two layers of protection for security First layer is on the hardware level As with Direct Sequence Spread Spectrum DSSS technology it has the inherent security feature of scrambling Second of all on the software level the security controlis made possible by Wired Equivalent Privacy WEP for access control What is ISM band The FCC and their counterparts outside of the U S have set aside bandwidth for unlicensed use in the ISM Industrial Scientific and Medical band The 2 4GHz unlicensed ISM band is available worldwide which presents the opportunity for the global market of 802 11b high speed wireless products What is 4X mode 45 This is a proprietary wireless data transmission mode provided by TI which enhances TP s 22Mbps PBCC speed to reach data throughput to over 12Mbps Since it is not IEEE 802 11b standard wireless data mode in order to allow 4X mode both the receiving and transmitting parties must be using TI solution APPENDIX B NETWORKING BASIS This chapter will help you learn the basics of home networking Using the Windows XP Network Setup Wizard Goto Start menu gt Network Setup Wizard Contor panei Welcome to the Network Setup Network Connections k Wizard F s This wizard will help you set up this computer to run on your n
6. Media B oy Address A http f 192 168 1 10 certsrv certfnsh asp gt ao Links Microsoft Certificate Services VVirelessCA Certificate Issued The certificate you requested was issued to You Pet Install this certificate Done 7 Internet T 21 Click Yes to store the certificate to your local computer Root Certificate Store Do vou wank to 400 the Following certificate to the Root Store Subject WirelessC4 Ty Issuer Self Issued Time Validity Monday January 06 2003 through Thursday January 06 2005 Serial Number 132713501 47483763 41E04CF 2497D9F4 Thumbprint shal 244FCBSC 2D9F2F21 400262F9 Z008DEF4 B490D10E Thumbprint rds 1EBALETO 20364070 665127146 413566440 73 22 Certificate is now installed Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help ay Back x a A po Search SP Favorites GA media B cee z Eja Links Home Certificate Installed Your new certificate has been successfully installed g Done n i Internet All the configuration and certificate download are now complete Let s try to connect to the Access Point using 802 1x TLS Authentication _74 23 Windows XP will prompt you to select a certificate for wireless network connection Click on the network connection icon in the system tray to continue yh ul ILO TIE cs ra a
7. Select the Encryption Key Length Size ranging from 64 to 256 Bits that you would like to use Select the Lifetime of the Encryption Key from 5 Minutes to 1 Day As soon as the lifetime of the Encryption Key is over the Encryption Key will be renewed by the Radius server 4 Enter the IP address of and the Port used by the Primary Radius Server Enter the Shared Secret which is used by the Radius Server 5 Enter the IP address of Port and Shared Secret used by the Secondary Radius Server Click Apply button for the 802 1x settings to take effect after Access Point reboots itself Note As soon as 802 1x security is enabled all the wireless client stations that are connected to the Access Point currently will be disconnected The wireless clients must be configured manually to authenticate themselves with the Radius server to be reconnected 81 Radius Server Window2000 Server This section to help those who has Windows 2000 Server installed and wants to setup Windows2000 Server for 802 1x authentication which includes setting up Certificate Service for TLS Authentication and enable EAP methods 1 Login into your Windows 2000 Server as Administrator or account that has Administrator authority Go to Start gt Control Panel and double click Add or Remove Programs Click on Add Remove Windows components Check Certificate Services and click Next to continue Windows Components Wizard i Windows Co
8. disable SSID Broadcast to allow only those wireless clients with the AP s SSID to communicate with the Access Point 4X Mode When 4X enable is selected you will be running 22Mbps PBCC 4X mode the wireless transmission speed can achieve over 12Mbps real throughput assuming that the wireless client device is also running 22Mbps PBCC 4X Note 4X mode is proprietary transmission mode available only with our solution chipset In order to achieve superb speed by 4X or 22Mbps PBCC mode both the transmitting and receiving parties must be using our WLAN solution products Security This page is where you configure the security features supported by this Access Point Password Admainistrater id acini vied e AK HAC Fiter i Emabled Dienbled C only desp Pos with mac listed below to access device OF inky allem BCs mith MAG listed belor bo access device i 10 mee E ee TE W wE CG aca E le E TE 44 i wean E H IE SE FE Password Allow you to change the new login password Here are the necessary steps 1 Enter the new password in the AP Password New field 2 Enter the new password again in the Confirm field 3 Click Apply Note The wireless clients will not be able to recognize the Access Point using Site Survey utilities such as zero configuration utility provided in Windows XP MAC Filter MAC Filter function controls the MAC of the network devices that are listed in this table for a
9. e g files and printers and enjoy the freedom of networking wirelessly The 22mbps Wireless Access Point is an ideal wireless device for SOHO and small office which can also be integrated to large networks as well Please take a moment to read through this manual and get acquainted with our 22mpbs Wireless Access Point Product Features gt Fully compatible with IEEE 802 11b standard for wireless and 802 3 for LAN connection Interoperable with existing IEEE 802 11b standard devices Yv v Supports new data modulation PBCC technology from Text Instrument which allows high data with double speed of right up to 22mbps 20 more transmitting and receiving coverage supported by PBCC modulation 4X mode achieving real throughput of over 12Mbps is available Supports auto data rate fallback under noisy environment or longer distance Enhanced security on WEP encryption from 64 128 to a maximum of 256 bits Supports 802 1x to further ensure wireless network security Built in DHCP server 4 AP operating modes available to fulfill your needs 1 AP 2 AP Client 3 AP Bridge Point to Point and Multi Point VV VV VV WV 5 4 Repeater gt Easy setup and installation with web based configuration utility gt AP management utility running on PC to make it easy to manage and configure all the AP in the same network System Requirements Windows 95 98 98SE Millennium NT 2000 and XP computers Internet Explorer 5 5 or h
10. ee Arnor g 7 1 2 acces a E e al a STEN Flr a PE oer nen BPS es TU onto atcess nrcugn emote Access oity or P Verity Calero i T Assign 2 Static IP Address es i ri paar ed re ee pee eat 2 BOD Stait Routes Static Gubes For MDS Authentication Steps 39 54 39 Go to Start gt Program gt Administrative Tools gt Active Directory Users and Computers 40 Right click on the domain and select Properties Active Directory Users and Computers Tree FOE LOCSL 5 objects 4 Active Directory Users lal Pa ilkirs uiltinDormain H E Delegate Control onkainer Default container For upg A Find l Prganizational Default container for new Pala Connect to Bobi i ontainer Default container for secu A Connect to Domain Controller ontainer Default container For upar fl Operations Masters New All Tasks VIEW Mew Window From Here Refresh Export List 4 Opens pro Help 41 Select Group Policy tab and click Edit to edit the Group Policy FAE LOCAL Properties Detank Domain Policy 42 Go to Computer Configuration gt Windows Settings gt Security Settings gt Account Policies gt Password Policies g Group Policy Tree Computer Setting fee Default Domain Policy Fae01 FA a Siero password history 1 passwords remembered E g Computer Configuration ia Maxirnum password age 42 da
11. gt Run and type command and click Enter to open Command Prompt 20 Type secedit refreshpolicy machine_policy to refresh policy Adding Internet Authentication Service H Command Prompt Cowtsecedit refreshpolicy machine_policy Group policy propagation From the domain has been initiated for this computer 1 t may take a few minutes for the propagation to complete and the new policy to t ake effect Please check Application Log for errors if any Gis 21 Go to Start gt Control Panel gt Add or Remove Programs 87 22 Select Add Remove Windows Components from the panel on the left 23 Select Internet Authentication Service and click OK to install Networking Services zs x To add or remove a component click the check bos A shaded box means that only part of the component will be installed To see what s included in a component click Details subcomponents of Networking Services E amp LOM Internet Services Pros 0 0 ME E Domain Name System DNS 1 1 ME wl E Gunamic Ho antauratior O fey os Admission Control service INI O i Simple TCP IP Services 0 0 ME O Site Server ILS Services 15ME Description Enables authentication authorization and accounting of dial up and PH Users LAS supports the RADIUS protocol Total disk space required O4MB Details Space available on disk 9462 6 MB Cancel Setting Internet Authentication Serv
12. log entries by clicking the Refresh button _15 Basic Setting This is the page where you can change the basic settings of the Access Point with the minimum amount of effort to adjust a secure wireless network AP Mame fAPFFFODA SSD APFF FOO Channel 5 COamaint Japan alls WEP Key Disable gabets 1znbets zsthets Mode lASCE gt Apply Cane Heke AP Name Name of the AP which can be used to identify the Access Point among the all the Access Points in the wireless network SSID Service Set Identifier which is a unique name shared among all clients and nodes in a wireless network The SSID must be identical for each clients and nodes in the wireless network Channel The value of channel that AP will operate in You can select the channel range of 1 to 11 for North America FCC domain 1 to 13 for European ETSI domain and 1 to 14 for Japanese domain WEP Key To disable WEP security click on the Disable option To enable WEP security there are 3 type of WEP keys to choose from 64bits 128bits and 256bits When one of the 3 WEP key options is selected you must enter the value of one of the four Keys in ASCII or HEX format You can also enter the values for all four WEP keys and select one to use Note When AP s WEP security is enabled all the wireless clients that wish to connect to the Access Point must also have WEP enabled with the identical WEP Key value entered For the changes made
13. onl SE Nee T ime period and days of week during which use Framed Protocal The protocol to be used NAS Identifier String identifying the HAS originating the request MAS IP Addess IP address of the MAS originating the request lA NaS Port Type Type of physical port used by the HAS onginatin Service Type Type of service user has requested Tunnel T ype Tunneling protocols to be used Windowes Groups Windows groups that user belongs to Add Cancel 31 Unless you want to specify the active duration for 802 1x authentication click O K to accept to have 802 1x authentication enabled at all times Time of day constraints E x All Sunday Monday 2 Tee Permitted Wednesday C Denied saudoy MNUUEERERORUERREESRREE Sunday through Saturday from 12 AM to 12 AM 32 Select Grant remote access permission and click Next to continue Add Remote Access Policy IN E x Permissions Determine whether to grant or deny remote access permission fou can use a Remote Access Policy ether to grant certain access privileges to a group of users orto act as a filter and deny access privileges to a group of users lf a user matches the specified conditions Grant remote access permission Deny remote access permission lt Back Next gt Cancel 33 Click Edit Profile to open up Add Remote Access Policy For TLS Authentication Setup Steps 34 38 34
14. open up the Properties setting window Wireless Metwork Connection Status iE General Support Connection Status Connected Duration 01 47 49 Speed 22 0 Mbps Signal Strength niil Sent K Received 70335 0 Activity Click on the Wireless Network tab Wireless Network Connection Properties x General Wireless Networks Connect uzing Eg 22M WLAN PCI Adapter This connection uses the following items Client for Microsoft Networks File and Printer Sharing for Microsoft Networks w fl gos Packet Scheduler W Intermet Protocol TCP IP Install Uninstall Description Allows Your computer to access resources on a Microsatt network Show icon in notification area when connected 63 Click Properties of the available wireless network which you wish to connect or configure Please note that if you are going to change to a different 802 1x authentication EAP method Le switch from using MD5 to TLS you must remove the current existing wireless network from your Preferred networks first and add it in again _ Wireless Network Connection Properties fx r TENETE E R E i i General Wireless Networks Authentication Advanced Use Windows to configure my wireless network settings Available networks To connect to an available network click Configure APrFFCo4 USR2249 Linksys i FAE Frefered networks Automatically connect to availab
15. restart the computer which will reinitializes the network ada pter settings during startup including renewing IP address If you still have problems getting an IP address after computer restarts you will have to consult with your MIS in your office or call computer and network technicians Dynamic IP Address V S Static IP Address By definition Dynamic IP addresses are the IP addresses that are being automatically assigned to a network device on the network These Dynamically assigned IP addresses will expire and may be changed over time Static IP addresses are the IP addresses that users manually enter for each of the network adapters Hetwork Ceneta Go to Start menu gt Control CE ET RE EY RES TE Panel gt Network 5 yA Dan raters Fl Connections gt Right click on Pirsz B Network Connectiore LAS or High Speed babent the active Local Area Network Tasks z tal greata 4 neve 2 ae sie gry connection gt Select St een Y e Ee oir pr Set US a hama cr emea ire retmecih Tew Gy ada Aies Me bor ks 66 be 99 Properties OB Dabi the retanik oii i af ad Repsi Ry Repar the connection B Renae thes conection Wer tatu of thie armar tion ha ngs ath regs of tha Cone ion Other Places z Note There might be two or more Local Area Connection to choose from You must select the one that you will use to connect to the network sS The Local Area Connection Wireless Network Connection Properties
16. to any of the items above to be effective click Apply 16 OD aiia SF 1ER 1 ben o geri ogi Hic recat a Pie pi Mem Peden Tode Heip Ou O w fh Dun De vce a e Bijer hip i Lo bark mri og Gary setig oeei The device n rectartig B k The new settings are now been saved to Access Point and will be effective once the Access Point restarts Click Back to go back to Basic Setting page 7 IP Setting This is the page where you configure the IP and DHCP settings of the Access Point 22 Mbps gt ne SF OT E wizard Status Basie Setting Advanced Setting Security 802 1x Tools LAN IP Obtain IP Automatically Fixed IP address f2 figs ft ft Subnet Mask p55 pss fos gateway P12 DHCP Server On off IP Range oem ise E ft bp te iB fe ft fiat DNS Server i p an i Appie Cancel Hep The default IP address of the Access Point is 192 168 1 1 with the Subnet Mask of 255 255 255 0 You can type in other values for IP Address Subnet Mask and Gateway and click Apply button for the changes to be effective You can also set the Access Point to obtain the IP from a DHCP server but it 1s not recommended Once set it will be difficult to determine the dynamic IP assigned to the Access Point Select the option Obtain IP Automatically and click Apply button for the changes to be effective DHCP Server It s not recommended to enable t
17. wait F Please wait while the wizard configures this computer for home or small office networking This process may take a tew minutes Network Setup Wizard You may create a You re almost done network setup disk which saves you the trouble of having to S fou need to run the Network Setup Wizard once on each of the computers on your J network Torun the wizard on computers that are not running Windows XP you can use configure every PCs the Windows AP CO or a Network Setup Disk 1n your network What do vou want to do Select the first Use the Network Setup Disk already have choice and insert a Use my Windows XP CD floppy disk into your Q Just finish the wizard don t need to run the wizard on other computers disk drive Click Next to continue Click Format Network Setup Wizard Disk if you wish to Insert the disk you want to use format the disk Insert a disk the into the following disk drive and then click Next Click Next to copy the necessary files to the disk 3k Floppy A o format the disk click Format Disk CD Copying Please wait while the wizard copies Files E Ee ial Click Next to Network Setup Wizard continue with the Torun the wizard with the Network Setup Disk xy Network Setup Wizard i Complete the wizard and restart this computer Then use the Network Setup Disk to run DD the Network Setup Wizard once on each of th
18. 22Mbps Wireless Network Access Point User Manual Manufacturer s Disclaimer Statement The information in this document is subject to change without notice and does not represent a commitment on the part of the vendor No warranty or representation either expressed or implied is made with respect to the quality accuracy or fitness for any particular purpose of this document The manufacturer reserves the right to make changes to the content of this document and or the products associated with it at any time without obligation to notify any person or organization of such changes In no event will the manufacturer be liable for direct indirect special incidental or consequential damages arising out of the use or inability to use this product or documentation even if advised of the possibility of such damages This document contains materials protected by copyright All rights are reserved No part of this manual may be reproduced or transmitted in any form by any means or for any purpose without expressed written consent of its authors Product names appearing in this document are mentioned for identification purchases only All trademarks product names or brand names appearing in this document are registered property of their respective owners FCC STATEMENT This product has been tested and complies with the specifications for aClass B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable p
19. 4 Lost x loss gt Approximate round trip times in milli seconds Minimum Ams Maximum ims Average Pme CG DOCUME LSADMIMI 1 gt Ale 2 The wireless clients cannot access the network in the infrastructure mode gt Check that the wireless network device is being installed and working properly Go to Start gt Administrator Right mouse click on My Computer a H Internet es My Documents A Internet Explorer e E mail fe My Recent Documents Outlook Express gt Properties ASUSUpdate 3 28 03 a My Music Open 9 MSN Explorer __ Explore Windows Media Player E Control Panel pete Manage a a Printers and Fal 0 p Q Windows Movie Maker 7 Map Network Drive a Disconnect Network Drive Po Help and Suppe O Tour Windows sF w Show on Desktop gt Search gk Files and Settings Transfer Wizard w Run All Programs gt Rename A Log OFF fo Turn GFF Computer Go to Hardware System Properties System Restore matic La Remote General Hardware Advanced Microsott Windows oP Professional Versian 002 Registered to TinGin nee 4 337 0493094 22998 Computer Intel Celeron processor 701 MHz 112 ME of RAM 42 Go to Device Manager Right mouse click on the network adapter which you connect RJ45 cable with And go to Properties System Properties
20. 82 dBm Typically 25 5 Wired Equivalent Privacy WEP 64 128 256 bit Dipole Antenna with Diversity 2dBi Antenna Gain SDRAM 4 Mbyte FLASH 1 Mbyte Operation max 1 2 A 600mA 50mA DC 5 Volt 5 2 4A AC Adapter AC 100V 240V 108
21. Click Submit gt to continue Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help Q Back x a A a Search 5 Favorites GA media B oe Address 2 htto 192 168 1 10 certsry certrgbi asp type 0 Microsoft Certificate Senices VirelessClA Home User Certificate Identifying Information All the necessary identifying information has already been collected You may now submit your request More Options gt gt Done m i Internet 70 19 The Certificate Service is now processing the certificate request A Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help a7 Q Back 3 x a e JH search 5 Favorites GA media f ee Address 2 htto 192 168 1 10 certsry certrgbi asp type 0 Microsoft Certificate Senices WirelesstA Home User Certificate Identifying Information All the necessary identifying information has already been collected You may now submit your request Waiting for server response 2 Waiting For Server Pesponse a Internet Aje 20 The certificate is issued by the server click Install this certificate to download and store the certificate to your local computer Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help ay peck x a e pa Search 5 Favorites GA
22. Fi croup Policy User Security Group Security Group Ser H n Xe e ePhven Users 21 objects Description f Administrator fi Cert Publishers Built in account For admini Enterprise certification an a E computers CR CHCP Adminis Security Group Members who have admini H a Domain Controllers IEF DHCP Users Security Group Members who have view i urityPrincipals gi OnsAdmins Security Group ONS Administrators Group 72 OnsUpdaterr a Security Group DNS clients who are permi ER Domain Admins Security Group Designated administrators gii Domain Comp Security Group All workstations and serve Ci Domain Contr Security Group All domain controllers in th Pii Domain Guests Security Group All domain quests PF Domain Users Security Group All domain users ff Enterprise 4d Security Group Designated administrators Members in this group can FF Guest User Built in account For guest f IUISR FAEOL User Built in account For anons f IwAM_FAEO1 User Built in account For Intern fF krbtgt User key Distribution Center Se FRAS and I5 Security Group Servers in this group can fT Schema Admins Security Group Designated administrators 38 Go to the Dial in tab and check Allow access option for Remote Access Permission and No Callback for Callback Options test Properties i i ee
23. HCP server again Here is how you do it Go to Start menu gt Run gt type y 3 Type the name of a program Folder document or command J Internet resource and Windows will open it For you Click OK hie Browse Type command ipconfig renew in the command prompt window and press Enter This command releases the current IP address and acquire it from the network 1 e DHCP server once more Od HEN Ps ele Pei di tinal lindo IF Configurar is Hort Hane Pe a ine 5 Hode Iype a Hybrid LE Routing Enabled 2 Aa WiRG PRocy Enalilad amp Aa Ethernet adapter Wireless Hetecr Cannectianm Conmection epecifis DRE hes oe yet ion z ee ULAH Ale gt B A F ti a t Ao 092 168 7234 tubet Aack J55 255 2050 Petault Gate way Lfs Let ll is CO AE a LA dn gt In this case the IP address that we acquired is 192 168 1 3 However it s often that the acquired IP address of the network adapter might would not be the same Note To renew IP under Windows 98 and Windows ME you will have to go to the Start menu gt Run gt type winipefg and click OK The Windows IP Configuration Menu window would appear where you first click release button to release the current IP address followed by clicking of Renew to acquire a new IP address from network If the above methods for IP renew fail you will have to try and
24. MA CD to avoid having collisions occur a second time This works best if the time allocated is short compared to packet length and if the number of situations is small CSMA CD Carrier Sense Multiple Access Collision Detection which is a LAN access method used in Ethernet When a device wants to gain access to the network it checks to see if the network is quiet senses the carrier If it is not it waits a random amount of time before retrying If the network is quiet and two devices access the line at exactly the same time their signals collide When the collision is detected they both back off and wait a random amount of time before retrying DHCP Dynamic Host Configuration Protocol which is a protocol that lets network administrators manage and allocate Internet Protocol IP addresses in a network Every computer has to have an IP address in order to communicate with each other in a TCP IP based infrastructure network Without DHCP each computer must be entered in manually the IP address DHCP enables the network administrators to assign the IP from a central location and each computer receives an IP address upon plugged with the Ethernet cable everywhere on the network DSSS Direct Sequence Spread Spectrum DSSS generates a redundant bit pattern for each bit to be transmitted This bit pattern is called a chip or chipping code The longer the chip the greater the probability that the original data can be recovered Even if one or mo
25. Select Authentication Tab 35 Enable Extensible Authentication Protocol and select Smart Card or other Certificate for TLS authentication Edit Dial in Profile a 3 x Dial in Constraints IF Multilink Authentication Encryption Advanced Check the authentication methods which are allowed for this connection dw Extensible Authentication Protocol Select the EAF type which i acceptable for this policy Smart Card or other Certificate Configure Microsoft Encrypted Authentication version 2 MS CHAP w2 Microsoft Encrypted Authentication MS CHAP T Encrypted Authentication CHAF F Unenervpted Authentication P amp P SPAP Unauthenticated Access Allow remote PPP chents to connect without negotiating any authentication method cancel Ah _ 36 Go to Start gt Program gt Administrative Tools gt Active Directory Users and Computers 37 Select Users and double click on the user that can be newly created or currently existing who will be configured to have the right to obtain digital certificate remotely Window Help 3 Console Action view Tree lee Active Directory Users and Computers EEP FAE LOCAL Fl Builtin Please note that in this case we have a user called test whose account password are used to obtain the digital certificate from server 4 Active Directory Users and Computers
26. Selection O Left Antenna C Bighi Antenna Diversity Antenna B610 broadcast Enable Disable 4 Mode Enable Disable Cappy cence Heie AP Mode Select one of the AP operating modes for different application of Access Point 1 AP The normal Access Point operating mode which forms a wireless ESS network with its wireless clients 2 AP Client Acts as an Ethernet to Wireless Bridge which allows a LAN or a single computer station to join a wireless ESS network through it You must make sure that the SSID and Channel is set to the same as that used by the AP you wish to connect Remote AP BSS ID key in the LAN Mac address NOT wireless Mac address of the AP that you wish to get connected Please note that if you leave Mac address as 000000000000 then you will get connected by the SSID that is set in you AP 3 Wireless Bridge A pair of APs operating under Bridge mode to act as the bridge that connects two Ethernet networks or Ethernet enabled clients together You must make sure that the SSID and Channel is set to the same as that used by the AP you wish to connect The Remote Bridge MAC is where you enter the MAC address of the other AP that you connect to setup the wireless bridge Remote Bridge MAC filed key in the LAN Mac address NOT wireless Mac address of the AP that you wish to get connected 4 Multiple Bridge A group of APs which consists of two or more APs operating under Multiple Bridge mod
27. WORK PC CARD rico chee snie asic satatedacsoskcaricaiehajbinivhduucavidedeh ae cece A 62 AUTHENTICATOR WIRELESS NETWORK ACCESS POINT ccccccccsssssscecssscccceessscceceesseeeecessaeeeecssaseccesssssecceessneeeceesaeeeccesaeeees 81 i RADIUS SERVER W INDOW 2000 SERVER E A A E E E E AAA E A E ewe EEE T 82 APPENDIX Ds GLOSSARY seusan niokeen os aiao a ea rE E aE a aE aaaea aa aoaaa iaaea 104 APPENDIX E TECHNICALSPECIFICATION cccccsscssesssssctesoatostsnsndscnessensesdessodesnadonseaess suse ssondorensasseaessensadeassessi spasassesosses 108 INTRODUCTION The Wireless Access Point delivers enhanced IEEE 802 1b high performance for up to 22mbps which is double of that offered by most of the Access Points in the current market The 22mbps high data rate is made possible by utilizing advarced TI technology which incorporates the new PBCC for modulation method Unlike the ordinary CCK modulation not only the new PBCC modulation method offers double data rate for up to 22mbps but also it gives 20 more distance coverage The 22mbps Wireless Access Point is fully compatible with other 11mbps wireless devices The easy to use web based configuration utility is independent of operation systems and can be accessed through most of the web browsers that are Javascript enabled The enhanced functions offered by the Wireless Access Point e g DHCP server and 4 different operation modes allow the users to share resources and information
28. access the configuration menu gt Check that the Ethernet Adapter is working properly Make sure that the drivers for the network adapters are installed properly gt Check that the Ethernet cable is connect to the Wireless Access Point properly and the Ethernet LED of the Wireless Access Point is ON gt Check that the IP address of the computer is in the same IP range and subnet as that of the Wireless Access Point Please refer to the Networking Basis in APPENDIX B in this manual for more information if necessary Note The default IP Address of the Wireless Access Point is 192 168 1 1 All the camputers on the network must have a unique IP address in the same range e g 192 168 1 xxx and they must all have the same subnet mask e g 255 255 255 0 gt Check the connection of computer and Wireless Access Point by doing a simple Ping test gt Go to Start gt Run gt Type command gt Type ping 192 168 1 P A successful ping will show responses from the Wireless Access Point es CAWINNTystem3 7 command com Microsoft R gt Windows DOS CCoCopyright Microsoft Corp 1998 2601 C DOCUME 1 ADMINI 1 gt ping 192 168 1 1 Pinging 192 168 1 1 with 32 bytes of data Reply from 192 168 1 1 bytes 32 time ims TTL 36 Reply from 192 168 1 1 bytes 32 timetims TTL 36 Reply from 192 168 1 1 bytes 32 timetims TTL 36 Reply from 192 168 1 1 hytes 32 timetims TTL 36 Ping statistics for 192 168 1 1 Packets Sent 4 Received
29. adius server to be reconnected Tools Three functions are provided in this page Backup Restore Settings Restore default settings and Firmware Upgrade liard ftmt Dani Bi Dey OP egg Ai Ba Dip OE fiackup Getting Backup Bostore farthing kaust Fasaho ne Bectose th detail etang Ortuli Pier rriews a ra ip qi dhe te _Upurade Hale Backup Settings Click on Backup button which will open a FileSave Dialog box where you get to save all the current settings and configurations to a file Restore Settings Click on the Browse button to open a FileOpen Dialog box where you get to select the file which you save previous settings and configurations to be opened Upon selecting the saved file click Restore and complete the restore process when the Access Point re operates after it restarts Restore to default settings Click on Default button to restore the Access Point back to it s manufacture default settings Firmware Upgrade Click on the Browse button to open a FileOpen Dialog box where you get to select the firmware file which you download from the web for the latest version Upon selecting the firmware file click Upgrade and complete the firmware upgrade process when the Access Point re operates after it restarts 28 USING AP 22M UTILITY FOR MANAGEMENT Installing AP 22M Utility The AP 22M Utility is a program that runs on you
30. anagement adapter 1s working Ea 22M WLAN Adapter properly Device type Network adapters Manufacturer Location CardBus Slot 2 PC bus 65 device 0 functio Device statue lt you are having probleme with this device click Troubleshoot to start the troubleshooter Troubleshoot Device Usage Use this device enable o e if Cancel 3 Resetting the Wireless Access Point to Factory Default Setting You may choose to Reset the Wireless Access Point by doing the following gt Locate the Reset button on the back of the Wireless Access Point gt Use a paper clip to press the Reset button gt Hold the reset button for at least 5 seconds before you release gt Wait till the Wireless Access Point reboots itself it may take a few minutes then the configuration will be set back to factory default values 4 What are the operation modes supported by the Wireless Access Point The Wireless Access Point supports 4 operation modes Access Point Forms a wireless network and works as a bridge to communicate with Ethernet LAN network AP Chient Acts as an wireless client which allows the computers that are connected to the AP to communicate with other wireless clients Point to Point Bridge Connects two independent Ethernet LAN networks or computers wirelessly Multi point Bridge Connects more than two independent Ethernet LAN networks or computers wirelessly 44 3 10 11 What is the differe
31. bled Network Authentication Shared mode Network kep Key format Key length 40 bits 5 characters Key index advanced o The key is provided for me automatically Please note that that value of Network key entered and key format length used must be the same as that used in the Access Point Although there are 4 set of keys can be set in the Access Point WEP configuration it s the first set of key that must be the same as that we used by the supplicant wire kss client 30 Click OK to close the Wireless Network Properties window thus make the changes effective 31 Select Authentication tab 32 Select Enable network access control using IEEE 802 1X to enable 802 1x authentication 33 Select MD 5 Challenge from the drop down list box for EAP type 1 Wireless Network Connection Properties fx i General Wireless Networks Authentication Advanced Select this option to provide authenticated network access for wired and wireless Ethernet networks Enable network access control using IEEE 802 1 EAF type MD5 Challenge Smart Card or other Certificate eerie Authenticate as computer when computer information i available Authenticate as guest when user or computer information is unavailable Cancel 34 Click OK to close Wireless Network Connection Properties window thus make all the changes effectiv
32. ccess authorization or denial When MAC Filter is enabled by selecting the Enabled radio box select one of two choices gt Only deny PCs with MAC listed below to access device or gt Only allow PCs with MAC listed below to access device gt Ena ttded Gis abled gt Oniy dany BCs with MAC feted below to access davica amp Gnl alon PCe with MAC listed below to atace dauka MACIO MAGC Pater Enabled Gisabled s Oh deny Pe with WAZ listed balow to access ceca Oriy allow PCs with Mac leted baoa to access device pph Ceni Heip The maximum number of MAC addresses thatcan be stored in Access Pint is 50 You can browse through the MAC address saved by selecting the drop down box 24 2 http 99 168 1 ticcerlty cel Merasi Inlermel Explorer Pile Edt iea Penim Too Hap Om O DA Yaw ferne Que GLE Address i hioj raz 100 1 Leori og F Ta estings ced Huik For any changes made in the security page click Apply for the changes to be effective When the above page will appear Click Back to go back to the previous page 802 1x There are three essential components to the 802 1x infrastructure 1 Supplicant 2 Authenticator and 3 Server The Access Point serves as an Authenticator and the EAP methods used must be supported by the backend Radius Server The 802 1x security supports both MD5 and TLS Extensive Authentication Protocol EAP Please follow the
33. ce nett eset 28 USING AP 22M UTILITY FOR MANAGEMENT wisissccsccccccsccssccsocscessscsssscessecsenscutvesseasscdscasecsssassssocsdeusecssesscsnsdesestevscuessiscesss 29 ENS TAG IEING ALP 22M UTE T Y aa cde tate eired dha leeledeclou st cela sitdl veka siel a a E A ER nsuet eke 29 M ANAGE AND C ONFIGURE ACCESS POINT WITH 22M AP UTILITY uu cccccecccccccccsssssccecccssssssceeeccesseseeeeeceesssseeccesesseeeecens 33 TT ICT TU OVA OTT ose Se ares at adap Dsasa cise aan accel cubated Sada ceeds ac Be cs Diet A 34 AF IS CULLING S cee ac Sars at le Sn tant hu eal a ld et San alta Ss ae ln hea anaes a 99 VEA a E AEE E E E AE E RC E EAA A E AE EN NEE TAA A E T E E A A T RTEA 38 WE TESS CUEING S EEEE T re Meshes Be sles leu cses tree ed eet Otek ae E ante dat atte ten ee ar cde Nears ated dean eaten este se Paatiade 39 SO ANSES sors eterno eel tpi otter atlantic Healt E na seai dae ied ata anil cited awit aia Deland hla ds Asante ocaeamesunaieenesareutalane 40 APPENDIX A TROUBLES HOO TING wosiscestaccssscsckscacessisidesdassiaaseisedsteascasesnveasensesutansansvessonteusadcceudsabdescauaseidessseeseiseissvasaasebseeves 41 APPENDIX B NETWORKING BASIS iiss coseccsacscacesssgesscsesscuess cssuascucsassoudscetsctendsdeaccgensaandassassdessadedssdoseadedsdueseseensdeusscdsuadenssctests 47 APPENDIX C 3021X AUTHENTICA TION SE DUB oscinina esai oa iaee e Eaa oa aaa ia raias raae as 6l 802 IX AUTHENTICATION INFRASTRUCTURE vehea a a a aa A A 61 SUPPEICANT WIRELESS NET
34. cecessseccsseecesaeeesssseceesseecesseeecesseeeeesseeeeesaeeees 7 WIRELESS NETWORK ACCESS POTN IOS PORTS oii it aE eE E EEEE ATO ities LE EOE 7 WIRELESS NETWORK ACCESS POINT S LEDS redisien ie E E E E AEE E E A AEE 7 CONNECTING T HE WIRELESS NETWORK ACCESS POINT ccccsscccsssscecssssceesssecessscecessscecesseeecesseeecesaesecesueccesseecessseecessesecessaeeees 8 SEUNG UP THE WIRELESS NETWORK ACCESS FONT uronin rain E ace diasusd decsausevsue CEE EAE henseiaient beans 8 CONFIGURING YOUR WIRELESS ACCESS POINT sessesosscsscscesscscecoeresossccoosocsoesococesosocsocomoceosoosocesesocsoesessossesoesressssseo 9 CONFIGURATION M ENU Seieren iaee E ae A RAA AEAEE AEE A A AEE EN 10 Getinge Started Wih Setup WIT sienos inn E E E 12 SUUS E CC EE EER usaie Dicer shah ash dana va acaisdeaisseseina sscbineucd ee duidedanttasnicDuti sacs cadsadacuaniindscahlvuadelaaat tetas icncseiant 14 BASIC S OUE ine NE tthe EN stale cha hala cd ates an cau cde a dase detest a AE 16 PPS CHIN easier E asia cae eae E aaa ma tensa eat oa aun eaeenena Mead stea ea sceracnaauniiuade 18 Aaanced SOUT O ical a ee teh ca les de IN IAL Dae tel A ia GA lea SUR SEA dod dal SO Os Sa Ia eR Aa aes 20 DC ILL ps eth rsiha a tad ca itl attest Pade Dal again seen teal hl steas a Rees has eae aaa eda alan nate ea foul eae sae 23 OO L ade cass seceded ttees ages reteset E shal ag thie tac has en nso oie Vat E 26 TOUS sake assesses ihe alt tees ato Inc sea ee al Palle ds bce ala ne sa aero a
35. cess Aw ON 6 oll i P Bjen nr Manage and Configure Access Point with 22M AP Utility The AP 22M Utility can be useful in a way that allows you to configure one AP to another to save the trouble of logging into the web configuration utility of each AP However all the Access Points that you wish to configure using 22M AP Utility must be in the same network domain as your PC s You may also check the existence with the Access Point by pinging the IP of the Access Point for example 192 168 1 1 in the command prompt window ce CAWINN TiSystem32 command com MicrosoftR Windows DOS CC Copyright Microsoft Corp 1990 2001 C DOCUME 1L ADMIMI 1 gt ping 192 168 1 1 Pinging 192 168 1 1 with 32 bytes of data Reply from 192 168 1 1 bhytes 32 time ims TTL 36 Reply from 192 168 1 1 bhytes 32 timetims TTL 38 Reply from 192 168 1 1 bhytes 32 timetims TTL 38 Reply from 192 168 1 1 bytes 32 timetims TTL 38 Ping statistics for 192 168 1 1 Packets Sent 4 Received 4 Lost 0 g z loss gt Approximate round trip times in milli seconds Mininum ms Maximum ims Average Ams C DOCUME 1 ADMIMI 1 gt 33 Link Information This is the default page when 22M AP Utility starts up a Wireless AP 22M Utility Link Information AP Settinas APFFFCOA l ESSID APFFFCOA IP Settings IP Address 192 168 1 1 WEP Settings Mac Address 00 03 2F FF FC 04 602 1X Settings Domain gt JapantAll C
36. d users who are familiar with wireless networks and it s where you set additional parameters and settings of the Access Point 35 Advanced Setting Advanced Setting Transmission Rates Preamble Type SSID Broadcast Enable a Beacon Interval 100 BE RTS Threshold 4095 DOTIM Interval Antenna Selection 4 Mlode 4X Mode When 4X enable is selected you will be running 22Mbps PBCC 4X mode the wireless transmission speed can achieve over 12Mbps real throughput assuming that the wireless client device is also running 22Mbps PBCC 4X Note 4X mode is proprietary transmission mode available only with our solution chipset In order to achieve superb speed by 4X or 22Mbps PBCC mode both the transmitting and receiving parties must be using our WLAN solution products Please refer to Appendix C Glossary for the definitions of other values and function For any changes made to be effective click Apply button The utility program will now prompt you for user name and password as part of the login and security protection to make sure you have the right Login Management authorization Login Userame c Password Login Management Enter UserName E PB and Password for Login the Access Point Userlarme admin Password Click OK button Note The default username is admin and the default password is also admin Wirele
37. e 78 Unlike TLS which uses digital certificate for validation the MD 5 Authentication is based on the user account password Therefore you must have a valid account used by the server for validation 35 WindowsXP will prompt you to enter your user name and password Click on the network connection icon in the system tray to continue Py TSO DUCeEr Br i at P m PECOT HATES LOLer et Explorer 1 Wireless Network Connection Click here to enter your User name and password For the network APFFFCOF _79 36 Enter the user name password and the logon domain that your account belongs if you have one or more network domain exist in your network 37 Click OK to complete the validation process Wireless Network Connection User name Password Logon domain Authenticator Wireless Network Access Point This is the web page configuration in the Access Point that we use z a a aF FF Soe z aperi ee wizard Status Basic Setting IP Setting Advanced Setting Security Tools 602 1 Enabled Disabled Encryption Key Length 64 bits 128 bits 256bits Lifetime 30 Minutes gt RADIUS Server 1 IP bo po Port haz Shared Secret nee optional IP p jf jf p Port bpo Shared Secret Apply Cancel Help Enable 802 1x security by selecting Enable If MDS EAP methods is used then you can skip step 3 and go to step 4 3
38. e that can connect two or more Ethernet networks or Ethernet enabled clients together The way that multiple bridge setup is based on the topology of Ad Hoc mode Note All APs have to use the same Channeland SSID in order to form a Multiple Bridge network Beacon Interval To set the period of time in milliseconds that AP sends out a beacon Default is 100 milliseconds RTS Threshold To set the size of RTS CTS packet size Default is 2432 bytes Fragmentation Threshold To set the number of bytes used for the fragmentation boundary for directed messages Default is 2436 bytes DTIM Interval This value indicates the interval of the Delivery Traffic Indication Message DTIM A DTIM field is a countdown field informing clients of the next window for listening to broadcast and multicast messages When the Access Point has buffered broadcast or multicast messages for associated clients it sends the next DTIM with a DTIM Interval value Access Point Clients hear the beacons and awaken to receive the broadcast and multicast messages Authentication Type The Authentication Type default is set to Open System and you may want to set to Shared Key when the clients and A P in the same wireless network enable the WEP encryption All the nodes and hosts on the network must use the same authentication type It s recommend that you use the default setting Preamble Type Preamble is a sequence of bits transmitted at 1Mbps that allows the PHY ci
39. e other computers on your network Here s how 1 Inzert the Network Setup Disk into the nest computer you want to network 2 Open My Computer and then open the Network Setup Disk 3 Double click netsetup _5 Note Now you may use the Network Setup Disk you just created in any PCs in your network that you wish to setup Simply insert the Network Setup Disk into the disk drive of a PC and open to browse the content of the disk with My Computer or Windows File Manager Double click and run the file netsetup for the program to handle the rest Click Finish to Network Setup Wizard complete the Completing the Network Setup Network Setup Wizard Wizard You have successtully set up this computer for home or small office networking For help with home or small office networking see the following topics in Help and Support Center Using the Shared Documents folder Sharing files and folders To see other computers on your network click Start and then click My Network Places To close this wizard click Finish System will now System Settings Change have to restart in You must restart your computer before the new settings will take effert LY of order for the new Do you want to restart your computer now settings to be effective Click Yes to restart the computer _5 Checking IP Address of Your Computer In Windows XP Sometimes you will need to know the IP add
40. ect TCP IP of the network device Click Properties to continue The Access Point restarts itself and the screen will switch back to startup page Link Information The TCP IP Properties window appears Select Obtain an IP address automatically if you are on a DHCP enabled network Click OK to close the window with the changes made Configuration Identification Access Control The following network components are installed m Client for Microsoft Metworks By 22M WLAN Adapter ER 22M WLAN Adapter ee Frima Network Logar windows Logon File and Print Sharing Pesenption TEPP is the protocol pou wee to cannect to the Ihterret and wide area networks TCP IP Properties ee ojx Bindings Advanced Leet e TL DNS Configuration Gateway WINS Configuratitg F Address An F address can be automatically assigned to this computer IF your network does not automatically assign IP addresses ask pour network administrator for an address and then type it in the space below Specify an IF address iW Detect connection to network media Cancel Select Specify an IP address TCPIP Properties Boric danced DNS Contiguration Balewa Enter the IP address and subnet mask fields n F address can be automatically assigned to this computer lFyour network does not automatically assign IP addresses ask you
41. etwork With a network you Car In the menu on the left Share an Internet connection side of the window Set up Internet Connection Firewall Share files and folders select Set up a home Share 4 printer or small office network Click Next to To continue click Hert procced Click Next to Network Setup Wizard continue Before you continue Then complete the following steps I netall the network cards modems and cables Tum on all computers printers and external modems Connect to the Internet When you click Nest the wizard will search for a shared Intemet connection on your network CBee Hew 47 Select the option that best describes how you connect your computer to the Internet In the case of using router in the network choose the second option Click Next to continue 1 Enter a short description for your computer 2 Enter a name for your computer to be recognized among the network 3 Click Next to continue Network Setup Wizard Select a connection method Select the statement that best describes this computer O This computer connects directly to the Internet The other computers on my network connect to the Interet through this computer View an example Preeer er eer etree rrr errr errr rere rire errr rr errr errr reer errr rere ri rere reer rere rere errr rer rer rere errr rere errr eet rere rere rere errr errr errr e
42. f x e a AE General Wireless Networks Authentication Advanced Connect using Select Intemet Protocol Eg 2M WLAN Fae TCP IP and Click Properties to continue This connection uses the following tems El Client for Microsott Networks a File and Printer Sharing for Microsoft Networks gm oos Facket Scheduler P intermet Protocol TCH IF Description Transmission Control Protocollntemet Protocol The default wide area network protocol that provides communication across diverse interconnected networks Show icon in notification area when connected Dynamically Assigned IP Address Internet Protocol TCP IP Properties The TCP IP Properties window oT RSE Un eee ern ee General Alternate Configuration appears You can get IP settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for the appropriate IP settings Select Obtain an IP address automatically if you are on a Obtain an IP address automatically DHCP enabled network BRE Click O K to close the window with the changes made Obtain DNS server address automatically Use the following DNS server addresses Ca EOR a a cea Static IP Address Select Use the foll owing IP Internet Protocol TCP IP Properties address General Enter the IP address and subnet You can get IP settings assigned automatically if p
43. f the box Any changes of the default settings can be easily made through the web based configuration menu using web browser such as Internet Explorer Please go through this chapter carefully for the Access Point setup CONFIGURING YOUR WIRELESS ACCESS POINT The web based configuration menu provides user friendly graphic design for easy configuration Please go through the following check list before you consider using the configuration menu 1 You will need a JavaScript enabled web browser such as Internet Explorer v5 5 or higher and Netscape v4 0 or higher 2 The Ethernet network adapter must be working properly Please refer to Troubleshooting section for details 3 If you are connecting the Access Point through a router or a local area network which has DHCP server enabled you will not need to assign a static IP address to the computer that you are using to configure the Access Point Please go to check item no 6 4 If you are not connecting the Access Point through a router or a local area network which has DHCP server enabled you will need to assign a static IP address to the computer that you are using to configure the Access Point 5 The IP address assigned to the computer that you are using to configure the Access Point must be in the same IP address range as Access Point s Please refer to Networking Basis section to learn more about assigning IP address 6 The power jack must be properly inserted to make sure that t
44. fter successful login open up your Internet Browser and type the following in the address field http 192 168 1 10 certsrv This is how we connect to the Certificate Service installed in Windows 2000 server 6 7 16 Now we are connected to the Certificate Service Select Request a certificate and click Next to continue A Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help ae Microsoft Certificate Services VirelessCA Home Welcome You use this web site to request a certificate for your web browser e mail client or other secure program Once you acquire a certificate you willbe able to securely identity yourself ta other people ower the web sign your e mail messages encrypt your e mail messages and more depending upon the type of certificate you request Done i Internet 17 Select User Certificate request and click Next to continue A Microsoft Certificate Services Microsoft Internet Explorer File Edit View Favorites Tools Help ee Q Back x B cf P Search Sy Favorites GA media A oS 2 http 192 168 1 10 fcertsrvicerkrqus asp x Microsoft Certificate Senices VYVirelassCA Home Address Go Links Choose Request Type Please select the type of request you would like to make User certificate request User Certificate Advanced request g Done o amp nternet 18
45. hannel 6 WEF Security Mac Address APFFFCO4 O0 03 2F FF FC 04 APFFFCI Yes Copyright 2002 Wireless Access Point Configuration Utility fei JE version 1 31 Apply Refresh Close Status displays the basic settings of the selected Access Point Available AP lists all the 22mpbs Access Point of the same network domain detected on the network You can select a particular Access Point from the list to view and change its configur ation AP Settings This is the page that allows you to change the settings of the Access Point ea Wireless a P ahd Utility E E I j 7 x J Basic Setting Link Information ESSID APFFFCO4 AP Settings Channel E IP Settings AP Name APFFFCOd WEP Settings Mode Setting 802 1X Settings f Access Point Remote MAC Address C Access Point Client Wireless Bridge Multiple Bridge Copyright 2002 Wireless Access Point Configuration Utility serie Hire version 1 31 Apply Refresh Close Basic Setting allows you to enter the new values for ESSID Channel and AP Name of the Access Point D Mode Setting allows you to change the operating mode of the Access Point There are 4 modes that you can choose 1 Access Point 2 Access Point Client 3 Wireless Bridge and 4 Multiple Bridge Please refer to Appendix C Glossary for the functionalities and definitions of these operating modes Advanced Setting recommended for advance
46. hat is it is expected to be used only in networks of like equipment that can all handle the optional mode IEEE 802 1 1b standard PSDU PLCP service data unit Roaming A LAN mobile user moves around an ESS and enjoys a continuous connection to an Infrastructure network RTS Request To Send An RS 232 signal sent from the transmitting station to the receiving station requesting permission to transmit RTS Threshold Transmitters contending for the medium may not be aware of each other RTS CTS mechanism can solve this Hidden Node Problem If the packet size is smaller than the preset RTS Threshold size the RTS CTS mechanism will NOT be enabled SSID Service Set Identifier which is a unique name shared among all clients and nodes in a wireless network The SSID must be identical for each clients and nodes in the wireless network Subnet Mask The method used for splitting IP networks into a series of sub groups or subnets The mask is a binary pattern that is matched up with the IP address to turn part of the host ID address field into a field for subnets TCP IP Transmission Control Protocol Internet Protocol The basic communication language or protocol of the Internet It can also be used as a communications protocol in a private network 1 e intranet or internet When you are set up with direct access to the Internet your computer is provided with a copy of the TCP IP program just as every other computer that you
47. he Access Point is powered The Default Settings of the 22mbps Access Point IP Address 192 168 1 1 User Name ESSID wireless Channel 6 disabled WEP Configuration Menu You can access the configuration menu anytime by opening up an web browser window and type in the IP address of the Access Point The default IP address of the Access Point is shown below F index Microsoft Internet Explorer Open web browser File Edit View Favorites Tools Help AN a P 9 Search 5 Favorites GAN Media E window Type in IP address Press Enter or 6 G O 9 Note The IP address shown above is the default IP address for the Access Point Use this IP address when connecting to a network consisting of Access Points set to default settings If the IP address of the Access Point is being changed to comply with the network then type in the IP address in the Address field of the web browser instead of the default IP address Type in user name Connect to 192 168 1 1 Type in password Click OK APO4245C User name f admin a Remember my password 10 Note The default username is admin and the default password is also admin The configuration menu will appear You can configure and get information about the Access Point by going through each tab Here Status page is displayed wizard Basic Setting iP Setting Adranted Setting Security 507 17 Toma Foomeere fe
48. he DHCP Server if you have a DHCP server running in your LAN network for it will cause possible IP assignment conflict Enable the DHCP server function by selecting the option On and enter the IP range Click O K to close pop up box Click Apply for the changes to be effective _18 SD Piipa LER 1 1 iberia aac Pis pie ya Pewi Toob Hep Ge O indiy x Gh Se gyro pa a Se a iB rite gf dee cg E Sas ehi aed he denare y pechartre Bork The new settings are now been saved to Access Point and will be effective once the Access Point restarts Click Back to go back to Basic Setting page _19 Advanced Setting This page contains configurations for advanced users which the change will reflect the wireless performance and operating modes a Javanced Setthne Wiers Iniereet Faplierer Flo Edt Wie Fatos Took Hapo Des i Ti x Fa J Search sgl Favores G reds ii ue zil F adess iB hiipii iea iavar d hibri AP Mode AP Sts Buvay aP cilen Remote AP BSS 1D 0OOOODO0TICO O Wireless Bridge Penote Bridge MAC O multiple Bridge Beacon Interval 100 msec rango 1 1000 dafadt 100 DTIM Interval ao irange 1 255 default 3 Authentication Type Opan Eystam C Sharad kay Both Preamble Short Preamble Long Proamble Basic Rote gt 1 2mbps 1 2 5 5 11 Mbps O 1 7 3 11 22 Mbps Supported Rate O 1 2 mMbps O 1 7 5 5 11 Mbps 1 2 5 5 11 224 Mbps Amema
49. he fragmentation boundary for directed messages The purpose of Fragmentation Threshold is to increase the transfer reliability thru cutting a MAC Service Data Unit MSDU into several MAC Protocol Data Units MPDU in smaller size The RF transmission can not allow to transmit too big frame size due to the heavy interference caused by the big size of transmission frame But if the frame size 1s too small it will create the overhead during the transmission Gateway a device that interconnects networks with different incompatible communication protocols IEEE The Institute of Electrical and Electronics Engineers which is the largest technical professional society that promotes the development and application of electrotechnology and allied sciences for the benefit of humanity the advancement of the profession The IEEE fosters the development of standards that often become national and international standards Infrastructure An infrastructure network is a wireless network or other small network in which the wireless network devices are made a part of the network through the Access Point which connects them to the rest of the network ISM Band The FCC and their counterparts outside of the U S have set aside bandwidth for unlicensed use in the ISM Industrial Scientific and Medical band Spectrum in the vicinity of 2 4GHz in particular is being made available worldwide MAC Address Media Access Control Address is a unique hex numbe
50. ication Success Internet Is Intranet 802 11 Wireless Clients Support 802 11X S Me 4 The Infrastructure diagram showing above illustrates that a group of 802 11 wireless clients is trying to form a 802 11 wireless network with the Access Point in order to have access to the Internet Intranet In 802 1x authentication infrastructure each of these wireless clients would have to be authenticated by the Radius server which would grant the authorized client and notified the Access Point to open up a communication port to be used for the granted client There are 2 Extensive Authentication Protocol EAP methods supported 1 MD5 and 2 TLS MDS authentication is simply a validation of existing user account and password that is stored in the server with what are keyed in by the user Therefore wireless client user will be prompted for account password validation every time when he she is trying to get connected TLS authentication _6 is amore complicated authentication which involves using certificate that is issued by the Radius server for authentication TLS authentication is a more secure authentication since not only the Radius server authenticates the wireless client but also the client can validate the Radius server by the certificate that it issues The authentication request from wireless clients and reply by the Radius Server and Access Point process can be briefed as follows 1 The client sends an EAP start message to the Acce
51. ice 24 Go to Start gt Program gt Administrative Tools gt Internet Authentication Service 25 Right click Client and select New Client 6 Internet Authentication Service Friendly Name Prokecal Export List Help 26 Enter the IP address of the Access Point in the Client address text field a memorable name for the Access Point in the Client Vendor text field the access password used by the Access Point in the Shared secret text field Re type the password in the Confirmed shared secret text field 27 Click Finish to complete adding of the Access Point Add RADIUS Client 921681 1 RADIUS Standard gt 28 Inthe Internet Authentication Service right click Remote Access Policies 29 Select New Remote Access Policy P Internet Authentication Service Tree Ei Allow access if dial in permission is enabled H Remote Access Logging Remote Access Policies Export List Help 30 Select Day And Time Restriction and click Add to continue ax Select the type of attribute to add and then click the Add Button Attribute types Called Station Id Phone number dialed by user Calling Station Id Phone number from which call originated Clent F riendly M ame Friendly name forthe RADIUS chent 45 only Clent IP Address IP address of RADIUS chent 45 only Clent Yendar Manufacturer of RADIUS prosp or WAS A5
52. igher One CD ROM drive At least one RF45 Ethernet network adapter installed VV V WV GETTING STARTED Getting To Know The Wireless Network Access Point WIRELESS NETWORK ACCESS POINT S PORTS gt Power Receptor Reset Button gt MDIIRJ 45 Ethernet Port Straight Through cable is required to connect with router or switch v Cross Over cable is required to connect to computer directly WIRELESS NETWORK ACCESS POINT S LEDS gt Power LED ON when the unit is powered up gt LAN LED ON indicates LAN connection blink indicates LAN activity gt WLAN LED ON indicates WLAN is working blink indicates wireless activity Connecting The Wireless Network Access Point Grternat Wireless Network Wireless Station i GS ps P SOHO Router Mobile PDA In order to setup an Infrastructure of a wireless network such as the example shown above you will Wireless Station need the following 1 A broadband Internet connection 2 ADSL or Cable modem provided by your ISP as part of the broadband connection installation 3 A Router that connects to the ADSL Cable modem for Internet connection sharing 4 An Access Point to connect with the Router to form a wireless infrastructure network 5 Wireless clients equipped with wireless networking devices such as wireless PC Card for wireless connection Setting Up The Wireless Network Access Point The 22mbps Access Point is designed to be working right out o
53. ist H F nrnllnent nent Certificate Rennes F Cancel 11 Go to Start gt Program gt Administrative Tools gt Active Directory Users and Computers 12 Right click on domain and select Properties to continue 4 Active Directory Users and Computers E i loj x Console Window Help a Action wiew m ZE 2 2 hiv ae Tree FAE LOCAL 5 objects ee Active Directory Users Fb Sebi AFA ilkin uiltin Domain B Delegate Control zj ontainer Default container For upar H E Find organizational Default container For new m ig Connect to Domain ontainer Default container For secu B E Connect to Domain Controller ontainer Default container For upar H Operations Masters Mew All Tasks r View b New Window From Here Refresh Export List 4 Opens pra Help FAE LOCAL Properties General Managed By Group Policy Curent Group Policy Object Links for FAE 2 Group Policy Object Links No Override Disabled Default Domain P olicy Group Policy Objects higher in the list have the highest priority This list obtained from faei FAE LOCAL Hew Options T Block Policy inheritance 14 Go to Computer Configuration gt Security Settings gt Public Key Policies 15 Right click Automatic Certificate Request Setting and select Ne w 16 Click Automatic Certificate Request ET sabe
54. ive Directory f Enterprise root CA Stand alone root CA C Stand alone subordinate CA Fl Advanced options Back Cancel 83 7 Goto Start gt Program gt Administrative Tools gt Certificate Authority 8 Right click on the Policy Setting select new 9 Select Certificate to Issue i amp 8 Certification Authority a ioj xj Tree Action View Intended Purpose Certification Authority Local WalEFS Recovery Agent File Recovery EEA Wireless Gel Basic EFS Encrypting File System cof Revoked Certificates Gee Domain Controller Client Authentication Server Authentic oa Issued Certificates Gel web Server Server Authentication Pending Requests GA Computer Client Authentication Server Guthentic Failed Requests Encrypting File System Secure Email ation Authority Mew Code Signing Microsoft Trust List Signi TIE Refresh Export List Help Add a Certificate Template to the list of Certificate Templates issued by this Certifica 10 Select Authenticated Session and Smartcard Logon by holding down to the Ctrl key and click OK to continue Select Certificate Template i aes Select a certificate template to sue certificates Secure Email Cher silpe aek Secure Email Clier Authenticated Session Chent Suthenticatic Chent Suthenticatic Code Signing Microsoft Trust L
55. le networks m the order listed below APFFFCO4 Learn about setting up wireless network configuration _ To configure for using TLS authentication method please follow steps 7 25 Please follow steps 26 for using MD5 authentication method TLS Authentication 7 Select The key is provided for me automatically option Wireless Network Properties Network name SSID a Wireless network key WEP This network requires a key for the following Data encryption WEP enabled Network Authentication Shared mode The key i provided for me automatically Click OK to close the Wireless Network Properties window Click Authentication tab 10 Select Enable network access control using IEEE 802 1x option to enable 802 1x authentication 11 Select Smart Card or other Certificate from the drop down list box for EAP type 1 Wireless Network Connection Properties da General Wireless Networkaf Authentication Advanced Select this option to provide authenticated network access for wired and wireless Ethernet networks Enable network access control using IEEE 802 1 EAP type f Smart Card or other Certificate MO5 Challenge Smart Card or other Certificate Authenticate as computer when computer information i available Authenticate as guest when user or com
56. lt YY TS Or UO Cer 198 Lets ot Ges IO 1 Wireless Network Connection x Click here to select a certificate or other credentials For Recycle Bin connection to khe network 4PFFRCOF 75 24 Select the certificate that was issued by the server WirelessCA and click OK to continue Connect Wireless Network Connection Friendly name ESTE Wireless Expiration date 176 2004 4 02 09 PM 25 Check the server to make sure that it s the server that issues certificate and click OK to complete the authentication process Validate Server Certificate The Root Certification Authority For the server s certificate isf Wirelessc4 Do you want to accept this connection Cancel 76 20 2 28 29 MD5 Authentication Select Data encryption WEP enabled option but leave other option unselected Select the key format that you want to use to key in your Network key ASCII characters 0 9 a z and A Z HEX characters 0 9 a f Select the key length that you wish to use 40 bits 5 characters for ASCII 10 characters for HEX 104 bits 13 characters for ASCII 26 characters for HEX After deciding the key format and key length that you wish to use for network key Enter the network key in Network key text box Wireless Network Properties Network name SSID Wireless network key WEF This network requires a key for the following Data encryption WEP ena
57. mation is unloaded into a local system Bandwidth The transmission capacity of a device which is calculated by how much data the device can transmit in a fixed amount of time expressed in bits per second bps Basic Rate the fixed transmitted and receiving data rate allowed by the AP with the value 1 2 5 5 11 and 22 Mbps for selection Beacon A beacon is a packet broadcast by the Access Point to keep the network synchronized Included in a beacon are information such as wireless LAN service area the AP address the Broadcast destination addresses time stamp Delivery Traffic Indicator Maps and the Traffic Indicator Message TIM Bit A binary digit which is either 0 or 1 for value is the smallest unit for data Bridge An internetworking function that incorporates the lowest 2 layers of the OSI network protocol model Browser An application program that enables one to read the content and interact in the World 104 Wide Web or Intranet BSS BSS stands for Basic Service Set It is an Access Point and all the LAN PCs that associated with it Channel The bandwidth which wireless Radio operates is divided into several segments which we call them Channels AP and the client stations that it associated work in one of the channels CSMA CA In local area networking this is the CSMA technique that combines slotted time division multiplexing with carrier sense multiple access collision detection CS
58. may send messages to or get information from also has a copy of TCP IP Throughput The amount of data transferred successfully from one point to another in a given period of time WEP Wired Equivalent Privacy WEP is an encryption scheme used to protect wireless data communication To enable the icon will prevent other stations without the same WEP key from linking with the AP Wireless Bridge One of the additional AP operating modes offered by 22mpbs Access Point which allows a pair of APs to act as the bridge that connects two Ethernet networks or Ethernet enabled clients together 107 APPENDIX E TECHNICAL SPECIFICATION Standard Data Rate Interface Emission Type Data Modulation RF Frequency Operating Channel RF Output Power Sensitivity Security Antenna Type Memory Power Consumption Power Supply 802 11b compliant wireless 802 3 802 3u for LAN 1 2 55 11 22 mbps 4 x 100BaseTX with Automatic MDI MDIX feature Power Jack 2 5 mm inner dimension Default Reset button Direct Sequence Spread Spectrum DSSS 1 Mbps BPSK 2 Mbps QPSK 5 5 11 Mbps CCK 5 5 11 22 Mbps PBCC 2412 MHz 2462 MHz North America 2412 MHz 2472 MHz General Europe 2412 MHz 2484 MHz Japan 11 Channels North America 13 Channels Europe 14 Channels Japan 16 18 dBm typical 22MHz PBCC 80 dBm Typically 25 5 1IMHz PBCC 85dBm Typically 25 5 1IMHz CCK
59. mbers who have admini H a Domain Controllers E DHCP Users Security Group Members who have view C ForeignSecurityPrincipals En Copy WNS Administrators Group DNS clients who are permi hesignated administrators All workstations and serve i fon Add members to a group ei Dor Disable Account ei Dor Reset Password fii Dor More BE Dor Open home page fii Dor Send mail t F aii Gre All Tasks Fa cu Delete FS Rename f I W Refresh Auilk in account For Intern Properties All domain controllers in th All domain quests All domain users hesignated administrators embers in this group can huilk in account For quest Built in account For anony ey Distribution Center Se ervers in this group can esignated administrators This user account is used Opens property sheet For the current selection 100 46 Go to Account tab and enable Store password using reversible encryption 47 Click OK to continue test Properties ermo E Accounts locked out 101 48 49 50 51 Go to Start gt Program gt Administrative Tools gt Internet Authe ntication Service Go to Remote Access Policies Make sure that MDS5 is moved up to Order 1 Right click MD5 and select Properties G Internet Authentication Service Move Down ae Remote Access Policies Delete Rename Properties
60. mponents fou can add or remove components of Windows 2000 To add or remove a component click the checkbox A shaded bos means that only part of the component will be installed To see what s included in 4 component click Details Components US Accessories and Utilities iv E Certificate SEVICES TAME Indexing Service DOME w EE Internet Information Services 15 21 7 MB 9 Mananement and Monitorinn Tonla FMA x Description Installs a certification authority LA to issue certificates for use with public key security applications Total disk space required 2 1 ME ma Space available on disk 3524 4 ME ub Back Cancel 5 Select Enterprise root CA and click Next to continue Windows Components Wizard CA Identifying Information Enter information to identity this CA CA name WirelessCA O Organization PO Organizational unit He City Po State or province Country region Jus E mail PO CA descriptors Po Valid for 2 Yeas Expires 1 8 2005 12 15PM lt Back Cancel 6 Enter the information that you want for your Certificate Service and click Next to continue Windows Components Wizard l i x Certification Authority Type There are four types of certification authorities Certification Authority types Descriptior The most trusted CA in an enterprise Should be installed Enterprise subordinate C before any other LA Requires Act
61. nce between 22mbps and 11mbps wireless products What s the benefit of 22mbps Wireless Access Point The 22mbps is made possible by the new modulation method called PBCC developed by TI which is different from the current CCK modulation method for 11mbps The 22mbps Wireless Access Point offers double data rate than that of 11mbps with 20 more distance coverage The 22mbps wireless products also operate in the 2 4GHz ISM band and they are backward compatible with 11mbps wireless products What is Roaming Roaming is the ability of portable computers e g Packet PC and notebook to have consistent and continuous data transmission reception throughout an area covered by more than one Wireless Access Point In order to achieve seamless connectivity all the wireless clients and Access Points must be set to use the same SSID When a user walked out of the coverage area of one AP into another the wireless client network device will automatically reestablish connection with the new AP What is a MAC Address The Media Access Control MAC address is a unique number assigned by the manufacturer to any Ethernet networking devices e g anetwork adapter that allows the network to identify it at the hardware level Unlike IP addresses which can be changed or dynamically assigned by the network the MAC address of a networking device is permanent What is WEP Wired Equivalent Privacy W EP is a type of data encryption mechanism described in the
62. oint is now rebooting click Close to close the Setup wizard window and go back to the main menu Status Page Pirmgrars Bersion jawe Sa Tan e T EP it Fare amp This page displays the following information LAM Were bere Firmware ferviog 09 0 0e MiG CO00 03 2F FF c IP Adira 192 16E Subnet Mask 235 255 255 0 Daltwayi 0 9 0 Send i05 Receive 1254 AAT 00 06 25 58 G0 2 SSC APRFP OO Emcryptien Fenction Chonmel amp Send 628 Hokia SF Cech Time Birnie Ghia Jom ne PTF 0040 15053 BS BE 14 Firmware Version Shows the current firmware version LAN Shows the Mac address IP address default 192 168 1 1 Subnet Mask Gateway Address The current LAN traffic calculated in terms of number of packets sent and received by AP through wired connection is also displayed Wireless Shows the Mac address current ESSID the status of Encryption Function Enable or Disable the current using channel The current wireless traffic calculated in terms of number of packets sent and received by AP through wireless communication is also displayed View Log Upon clicked the page will change to log page The log page records every event and the time that it happens Log biurai hine Erpse L e ee e Ten S008 1 ea of You may clear the entries recorded in the log by clicking the Clear Log button and refresh the screen to show the latest
63. our network supports this capability Otherwise you need to ask your network administrator for mask fields the appropriate IP settings Enter the IP address of the Router E Use the following IP address in the Default gateway field IP address 152 168 1 2 Subnet mask Enter the IP address of the Router Default gateway in the DNS server field R ET eee rete Click O k to close the window Preferred DNS server Alternate ONS server Note The IP address must be within the same range as the wireless route or Access Point Wireless Network in Windows 2000 Local Area Connection 5 Properties 7 xX Go to Start menu gt Settings gt 21x General Sharing Network and Dial up Connections gt Double click on Connect using the Local Area Connection aly 22Mbps WLAN Adapter Configure Select Internet Protocol Components checked are used by this connection TCP IP and click E Client for Microsoft Networks L Metai Load Balancing Properties Licrosoft Networks Install Uninstall Properties Description _ HAN N YN Transmission Control Protocol lnternet Protocol The default Wide area network protocol that provides corimunicatian across diverse interconnected networks Show icon in taskbar when connected The TCP IP Properties window appears Select Obtain an IP address automatically if you are on a DHCP enabled network
64. puter information is unavailable Co Ca 12 Click OK to close the Wireless Network Connection Properties window thus make the changes effective The wireless client configuration in the zero configuration utility provided in Windows XP is now completed for TLS configuration Before you can enable EEE 802 1x authentication and have wireless client authenticated by the Radius server you have to download the certificate to your local computer first TLS Authentication Download Digital Certificate from Server In most corporations it requires internal IT or MIS staff s help to have the certificated downloaded to your local computer One of the main reasons is that each corporation uses its own Server systems and you will need the assistance from your IT or MIS for account passw ord CA server location and etc The following illustration is based on obtaining a certificate from Windows 2000 Server which can act as a CA server assuming you have a valid account password to access the server 13 Connect to the server and ask for access and the server will prompt you to enter your user name and password 14 Enter your user name and password then click OK to continue Connect to 197 168 1 10 Connecting to 192 1668 1 10 Password Remember my password Please note that we use IP addresses for connection with the server for our illustration and the IP of the server is 192 168 1 10 15 A
65. r PC which offers easy management for all existing 22mbps Access Points in the same network domain Please follow the steps below for installation and refer to Manage and Configure AP with AP 22M Utility session Access point configuration Note The installation demonstrated is based on Windows XP operating system The other Windows operation system will have very similar installation 1 Turn on your PC 2 After Windows starts up insert the 22Mbps Access Point Product CD into the CD tray of the CD ROM 3 The following screen would appear Wireless LAN Product Series Please select product Install the appropriate software ka Tal a Tr 3i rm i ie o a a ao no N PC Card PCI Card Access Point Router 7 TE Router Exit G 4 Select menu option Access Point on the left side of screen Saar set pate _ Unir ne all IE U Ve a Usha eel nas er ay TP ae iz cr Ira Pr Sa to gates ERr Sg se A PET Wireless LAN Product Series Please select product Install the appropriate software ip eai PC Card PC Card Access Point Router E e Router w te fee onan se F jee pees ni a p PEN T ee lt A L pa aiae oll all ee Sia a rea Wireless LAN Product Series Please select product Install the appropriate software i wee PC Card PCI Card l 1 S Acce
66. r assigned by the manufacturer to any Ethernet networking device such as a network adapter that allows the network to identify it at the hardware level Multicasting Sending data to a group of nodes instead of a single destination Multiple Bridge One of the additional AP operating modes offered by 22mbps Access Point which allows a group of APs that consists of two or more APs to connect two or more Ethernet networks or Ethernet enabled clients together The way that multiple bridge setup is based on the topology of Ad Hoc mode Node A network junction or connection point typically a computer or workstation Packet A unit of data routed between an origin and a destination in a network PLCP Physical layer convergence protocol PPDU PLCP protocol data unit Preamble Type During transmission the PSDU shall be appended to a PLCP preamble and header to create the PPDU Two different preambles and headers are defined as the mandatory supported long preamble and header which interoperates with the current 1 and 2 Mbit s DSSS specification as described in IEEE Std 802 11 1999 and an optional short preamble and header At the receiver the PLCP preamble and header are processed to aid in demodulation and delivery of 106 the PSDU The optional short preamble and header is intended for application where maximum throughput is desired and interoperability with legacy and normshort preamble capable equipment is not consideration T
67. r network administrator tor an address and then type atin the space below In the DNS Configuration Tab Page 1 enter the IP address of the Router in the Default gateway field 2 Enter the IP address of the IP Address 192 168 1 2 Router in the DNS serverfield subnet Mack 255 255 255 0 Obtain an lP address automatically f Specify an IP address APPENDIX C 802 1x Authentication Setup There are three essential components to the 802 1x infrastructure 1 Supplicant 2 Authenticator and 3 Server The 802 1x security supports both MD5 and TLS Extensive Authentication Protocol EAP The 802 1x Authentication is a complement to the current WEP encryption used in wireless network The current security weakness of WEP encryption is that there is no key management and no limitation for the duration of key lifetime 802 1x Authentication offers key management which includes key per user and key per session and limits the lifetime of the keys to certain duration Thus key decryption by unauthorized attacker becomes extremely difficult and the wireless network is safely secured We will introduce the 802 1x Authentication infrastructure as a whole and going into details of the setup for each essential component in 802 1x authentication 802 1x Authentication Infrastructure 802 11 Wireless Access Point Support 802 1X Authentication Request Public 802 11 Wireless n Radius Server Authent
68. rcuitry to reach steady state demodulation and synchronization of bit clock and frame start Two different preambles and headers are defined the mandatory supported Long Preamble and header which interoperates with the 1 Mbit s and 2 Mbit s DSSS specification as described in IEEE Std 802 11 and an optional Short Preamble and header as described in IEEE Std 802 11b At the receiver the Preamble and header are processed to aid in demodulation and delivery of the PSDU The Short Preamble and header may be used to minimize overhead and thus maximize the network adja data throughput However the Short Preamble is supported only from the IEEE 802 11b High Rate standard and not from the original IEEE 802 11 That means that stations using Short Preamble cannot communicate with stations implementing the original version of the protocol Basic Rate The basic transfer rate is set depending on the speed of your wireless network For example you set 1 2 Mbps if you have older 802 11 campliant device in your network which supports 1 2 Mbps data rate This setting does not limit the basic transfer rates of the faster 802 11 compliant network devices Antenna Selection To set the antenna for transmitting data The default setting is Diversity Antenna which is better for reception SSID Broadcast While SSID Broadcast is enabled all wireless clients will be able to communicate with the Access Point For security purpose you may want to
69. re bits in the chip are damaged during transmission statistical techniques embedded in the radio can recover the original data without the need for retransmission To an unintended receiver DSSS appears as low power wideband noise and is reected ignored by most narrowband receivers Dynamic IP Address An IP address that is assigned automatically to a client station in a TCP IP network by a DHCP server Encryption A security method that uses a specific algorithm to alter the data transmitted thus prevent others from knowing the information transmit ted ESS ESS stands for Extended Service Set More than one BSS is configured to become Extended Service Set LAN mobile users can roam between different BSSs in an ESS ESSID The unique identifier that identifies the ESS In infrastructure association the stations use the same ESSID as AP s to get connected Ethernet A popular local area data communications network originally developed by Xerox Corp that accepts transmission from computers and terminals Ethernet operates on a 10 100 Mbps base transmission rate using a shielded coaxial cable or over shielded twisted pair telephone wire 105 Fragmentation When transmitting a packet over a network medium sometimes the packet is broken into several segments if the size of packet exceeds that allowed by the network medium Fragmentation Threshold The Fragmentation Threshold defines the number of bytes used for t
70. ress of the computer that you are using For example when you want to make sure that your computer is in the same network domain as that of your Access Point for you can configure and access the AP Go to Start menu gt Run gt type 7 Type the name of a program Folder document or command J Internet resource and Windows will open it For you Click OK Open When the command prompt window appears type command ipconfig alf and press Enter This command will display the IP addresses of all the network adapters in your computer Windows IP Configuration Host Name mi mi mi mi m 2 test Primary Dns Suffix Fi Mode Type Unknown IP Routing Enabled me Ho WINS Proxy Enabled No Ethernet adapter Wireless Network Connection 2 Connection specific DNS Suffix Description a 2AM WLAN Adapter Physical Address I 8 63 2F 6C 61i 55 Bhep Enabled 2a wo No jG an ok sy Su si si si wi si ia a 192 168 1 2 Subnet Mask i z 255 255 2558 Default Gateway 3 C Documents and Settings Administrator gt In this case the IP address of your network adapter is 192 168 1 2 hich means your Access Point must have an IP address of 192 168 1xxx in order for you to be able to access it 53 If the IP address is assigned by DHCP server on the network there are chances you might have to release the IP and acquire it from D
71. rotection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used according to the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which is found by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment or devices 8 Connect the equipment to an outlet other than the receiver s Consult a dealer or an experienced radio TV technician for assistance FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance 20cm between the radiator and your body TABLE OF CONTENTS INTRODUCTION oninia esaia asao saa a ieoa ee a a aAa adaa ia a aier ienaa 5 PFRODUCT ERA TURES auiii AE E R O A E A EO gt SYS PEM 0 CDR EIN wesine sib ters asc tate adler aE AEE sca EE EE AA E EEA 6 GET TING S VAR DED iinis aada eo a aa oaair O a aa aaa naaraassa oean as odoin aade 7 GETTING TO KNOW T HE WIRELESS NETWORK ACCESS PONT u cccccccsssscessssecesss
72. rrr rrr rer reer eee rt reer T hie computer connects to the Intermet through another computer on my network or through fa rezidential gateway View an example C Other Learn more about home or small office network configurations Network Setup Wizard Give this computer a description and name Computer description Computer name M Cancel Y AREA 51 STATION No amp Examples Family Room Computer or Monica s Computer E samples FAMILY or MONICA The curent computer name is Mhl Leam more about computer names and descriptions eede ALIENT Cancel Enter Workgroup Network Setup Wizard name for your Hame your network 3 home network Click Next to R Name your network by specifying a workgroup name below All computers on pour network continue should have the same workgroup name Workgroup name AREAS Examples HOME or OFFICE TT TT Click Next and Network Setup Wizard wait for the wizard Heady to apply network settings S to apply the settings The wizard will apply the following settings This process may take a few minutes to complete and cannot be interrupted Settings Internet connection settings Connecting through another device or computer Network settings Computer description AREA 51 STATION No 6 Computer name ALIEN T Workgroup name AREAS To apply these settings click Next ST r _4Q Network Setup Wizard Please
73. rwon 03 02 0e LAH PRS OD 8 29 PP PC o4 LF Address 2S Lo Subnet Mask 255 255 2550 Gateway R008 enid 1054 Bacmives 123 4 Wireless MAC IO PA 25 54 H5 I7 FEIL APPPPeos Emery pliom Purecbion saysa S L Bari 1i Receive Ltt Wireiees MACHI 00 25 34 406 1Z 550 APPPP OR Encrypties Purine Channel Sen bah Receives 327 viewsLog Danni Tie Wireless Dishi Jame Ts Pm ee Ba Pat Si N e Getting Started With Setup Wizard Setup wizard is provided as part of the web configuration utility You can simply follow the step by step process to get your Access Point configured and ready for running in 4 easy steps by clicking on the Wizard button on the function menu The following screen w ill appear Please click Next to continue wire en Takona b he Zibee Access Funi Sedup FAri The Wied e drac you bhariyi these ror quick epi Sat by biki or eii wlej d Sal our ner peor rep 2 Sal ha S Sang Chanka ep d Sed Enorypinn ep i Restart Enry pien Fureckese Step 1 Set Password The Access Point is password protected to prevent unauthorized modification to your configuration You can change to new password if Yii die pee nea eee Ce A ea Cee a a a E E Tai kat Peeks igi Peed Wi cir eA seh er Ee ep eg Te you wish otherwise simply click E hetra Next to continue ene E hy Paper per After entering the new password in both text boxes click Nex
74. sh Close 1 Enable 802 1x security by clicking the 802 1X Function checkbox If MD5 EAP methods is used then you can skip step 3 and go to step 4 Select the Encryption Key Lifetime from 5 Minutes to 1 Day As soon as the lifetime of the Encryption Key is over the Encryption Key will be renewed by the Radius server 4 Select the Length ranging from 64 to 256 Bits that you would like to use for Encryption Key Length 5 RADIUS Server 1 Enter the IP address of and the Port used by the Primary Radius Server Enter the Shared Secret which is used by the Radius Server 6 RADIUS Server 2 Enter the IP address of Port and Shared Secretused by the Secondary Radius Server 7 Click Apply button for the 802 1x settings to take effect after Access Point reboots itself Note As soon as 802 1x security is enabled all the wireless client stations that are connected to the Access Point currently will be disconnected The wireless clients must be configured manually to authenticate themselves with the Radius server to be reconnected Please refer to Appendix C for detail 802 1x setup and installation 40 APPENDIX A TROUBLESHOOTING This chapter provides solutions to frequently encountered problems that can occur during the installation and operation of the Wireless Access Point Please read through the following to solve your problems 1 The computer connected to the Wireless Access Point through Ethernet network cannot
75. ss AP 22M Utility iz aloj x The Access Point restarts itself and Link Information the screen will APFFFCO4 switch back to startup page Link Information AP Settings Tee ESSIO gt APFFFCO4 ettings IP Address gt 192 168 1 1 WEP Settings Mac Address 00 03 2F FF FC 04 o07 1X Settings Domain gt JapantAll Channel 6 WEP Security Copyright 2002 Wireless Access Point Configuration tilit version 131 4 Apply Fefresh Close Afe IP Settings This is the page where you configure the IP settings for the Access Point Wireless AP 23M Utility Oo xj Select Fixed IP 99 Link Information OEE IEA C Fixed IP Address DHCP Client the IP address of the AP Settings i IP Address Setting Access Point and IP Settings Gateway WEP Settings IP Address subnet Mask 256 256 255 f Gateway P eb P lP 802 1X Settings Select DHCP Client if there is a DHCP server assigning IP addresses on the network Please also refer to Appendix B to learn more about Network Seon ents see eee i T i E T Point Contiguration tility Apply epee Ainge an aadress Click Apply button for any changes made to be effective The utility program will prompt you for user name and password for security protection 38 WEP Settings This is the page that allows you to configure the WEP settings for the Acce
76. ss Point Wireless AP 22M Utility a Enable WEP Key security by clicking Link Information M Data Encryption Data Encryption AP Settings Auth Mode Auto Switch IP Settings WEP Key Setting Hex jf ASCII WEP Settings Kev Length E4 bits Key 1 Ea O Key 2 802 1X Settings O Key 3 O Key 4 Copyright 2002 Wireless Access Point Configuration Utility version 1 31 E Wireless AP 22M Utility Select the Auth Mode and the Link Information Key Length M Data Encryption Auth Mlode Auto Switch H WEP Key Setting Hex ASCII Key Length E4 bits 802 1 Settings Key 1 WEP Settings Fill at least one of the 4 Web Key fields Key 2 with Hex or ASCII C Key 3 values C Key 4 a Available AF Copyright 2002 Wireless Access Point Configuration Utility Aes eed version 1 31 Apply Refresh Close 802 1x Settings Wireless AP 22M Utility E o x O 1X Setting M 802 1 Function AP Settings Encryption Key Length ea hits Lifetime f Day IP Settings RADIUS Server 1 Port 1812 WEF Settings IF Address o D fp p 802 1X Settings Shared Secret RADIUS Server 2 Optional Port 8 pases PP PP at a Link Information Shared Secret aP Name Mac Address SSID APFFFCO4 O0 03 2F FF FC 04 4PFFFC Yes Copyright 2002 Wireless Access Point Configuration Utility version 1 31 Apply Refre
77. ss Point 2 The Access Point replies with an EAP Request ID message 3 The client sends its Network Access Identifier NAD its user name to the Access Point in an EAP Respond message 4 The Access Point forwards the NAI to the RADIUS server with a RADIUS Access Request message 5 The RADIUS server responds to the client with its digital certificate The client validates the digital certificate and replies its own digital certificate to the RADIUS server The RADIUS server validates client s digital certificate The client and RADIUS server derive encryption keys The RADIUS server sends the access point a RADIUS ACCEPT message including the client s WEP key 10 The Access Point sends the client an EAP Success message along with the broadcast key and key length all encrypted with the client s WEP key Supplicant Wireless Network PC Card Here is the setup for the Wireless Network PC Card under Windows XP which is the only Operating System that our driver supports for 802 1x Microsoft is planning on supporting 802 1x security in all common Windows Operating System including Win98SE ME 2000 by releasing Service Pack in 2003 Please note that the setup illustration is based on our 22Mbps wireless PC Card Go to Start gt Control Panel 2 double click on Network Connections right click on the Wireless Network Connection that you use with our 22Mbps wireless PC Card 62 4 5 Click Properties to
78. ss Point Router Router 6 The 22M AP Utility loads the Install wizard for installation InstallShield Wizard 22M AP Utility Setup it preparing the Installs hield Wizard which will guide you through the rest of the setup process Please walt TTT Cancel Click Next to start InstallShield Wizard installation Welcome to the InstallShield Wizard for 27M AP Utility The InstallShield Wizard will install 22M AF Utility on your computer To continue click Hest Cancel Click Next to InstallShield Wizard Choose Destination Location install in default folder or Click Browse to install Setup will install 22h AP Utility in the following folder Select folder where Setup will install files in a different folder To install to this folder click Next To install to a different folder click Browse and select another folder Destination Folder C Program Files 2eM AP Utility Browse InstallShield Cancel Ai Installation wizard copies the utility program files in your PC InstallShield Wizard Setup Status 22h AP Utility Setup is performing the requested operations InstallShield Cancel 7 Click Finish to complete the installation InstallShield Wizard InstallShield Wizard Complete Setup has finished installing 22h AP Utility on your computer 23 8 The 22M AP Utility icon would then appear on your desktop for easy ac
79. steps below to configure 802 1x security 22 Mbps gt wizard Status Basic Setting IP Setting Advanced Setting Security Tools 807 1x i Enabled Disabled 2 Encryption Key Length 64 bits 128 bits 256bits PN Ta a Lifetime 30 Minutes 3 sss o ni a a Port 1812 Shared Secret n 4 MA apnanal IP b ie ie E Port boo Shared Secret Apply Cancel Help Enable 802 1x security by selecting Enable 2 If MD5 EAP method is used then you can skip step 2 and go to step 3 Select the Encryption Key Length Size ranging from 64 to 256 Bits that you would like to use Select the Lifetime of the Encryption Key from 5 Minutes to 1 Day As soon as the lifetime of the Encryption Key is over the Encryption Key will be renewed by the Radius server 4 Enter the IP address of and the Port used by the Primary Radius Server Enter the Shared Secret which is used by the Radius Server 5 Enter the IP address of Port and Shared Secret used by the Secondary Radius Server 26 Click Help to get interpretation for Encryption Key and Radius Server 6 Click Apply button for the 802 1x settings to take effect after Access Point reboots itself Note As soon as 802 1x security is enabled all the wireless client stations that are connected to the Access Point currently will be disconnected The wireless clients must be configured manually to authenticate themselves with the R
80. t to Preevyalion Fenctisn continue 12 Step 2 Set WLAN Connection Enter the SSID that you would like to Y use and select the channel of operation then click Next to continue Step 3 Set WEP Encryption You may enable the WEP security by selecting Enabled otherwise simply click Next to continue Select one of the WEP encryption key size and enter the value of the key in the Key text box then click Next to continue Note There are 3 key sizes to choose from 64 128 and 256 Bit however 256 Bit will only be supported with 22Mbps series products Step 4 Restart The Setup wizard is now completed The new settings will be effective after the Access Point restarts Click Restart to reboot the Access Point Sel Wians LAM Ciinthia Edm Fo E ci ha Sarees ert ed art e ae chee ine ir Access Kiai tel raie in Tik Hedi cima prap w Bii que sig wiad B FFF Bosa b Ea cep oe Pie Oe ma r he hEr masp ry une end riar ha eae of a bay nn tba bari Tee Desay Cick Pot bo cndrun eth mhap or Eria qui rman eure G Emberi Masini bE Ban pn H nga W HEN chn i EE a H F a el E brp pii Pii i e am E cess P oiri i a fet anriirey IF Estirngp eE rege lar ng Ph Lh J a la Tele oe So eo Cee Se EE E Wk ae ea Baty Py ree Ciki fisi boa ing acces Pond keane ey Tate iri ei Eecree es Funct The Access P
81. ys Gf Software Settings RY Minium password age O days Windows Settings 82 Minium passent length 0 characters Di Scripts Startup shu Fife E ila ee El p Security Settings eStore password using reversible encryption F Disotae BEA Account Policies gee Password Pr Fa Account Loc m a kerberos Pol E dal Local Policies H Event Log Hig Restricted Group H ag System Services H ag Registry H ag File System J Public Key Policie H IP Security Polici E E Administrative Template E Paki User Configuration Software Settings 4 4 43 Click Define this policy setting select Enabled and click OK to continue Security Policy setting TE 14 store password using reversible encryption for all users in the i domain IY Define this policy setting f Enabled C Disabled 44 Goto Start gt Program gt Administrative Tools gt Active Directory Users and Computers 45 Goto Users Right click on the user that you are granting access and select Properties amp Active Directory Users and Computers E z ojx l Console Window Help 1 XI Action view alm Xx Sligtay ae Tree Users 21 objects a Active Directory Users and Computers agp FAE L CAL f Administrator User Built in account For admini H Busiltin CE cert Publishers Security Group Enterprise certification an H E Computers FR CHCP Adminis Security Group Me
Download Pdf Manuals
Related Search