Planet Technology WAP-1966 User's Manual
Contents
1. 2 Enter a valid user name and password then click OK to continue Connect to 192 164 1 10 Connecting to 192 166 1 10 Remember my password Fie Edt Wew Favorites Took Help i G bar gt x a de ya Search yf Favorkes A red amp G gt amp Microsoft Certificate Services Wireless Home Welcome You Use this web site to request a certificate for your web browser e mail client or other secure program Once you acquire a certif cate you will be able to securely identity yourself to other people over the web sign your email messages encrypt your e mail messages and more depending upon the toe of certificate you request Selecta task es La 5 eve the CA cetificate or certificate revocation list zk Request a cetificate hificate 4 Select User Certificate request and click Next to continue 41 Microsoft Certificate Services Microsoft Internet Explorer Fie Edit Yew Favorites Toos Help Q sx E EA e pO sea De Fovontes A Hoda 5 E3 de E Home Choose Request Type Please select the wpa of raquest vou would like to make User cenificate request User Cenmtcate Advanced request 5 Click Submit gt to continue 3 Microsoft Certificate Services Microsoft Internet Explorer Fie Ect View Favortes Took Hep J eat gt a E ee pe Search Ji Favre rede e B gt a E Agdiess a http 152 166 1 10 cert certrgbi asprtype2. Channel 13 api B 0E2 AP Name Mode Setting f Access Point Remote MAC Address Access Point Client O Wireless Bridge Multiple Bridge Advanced Setting Repeater Mac Address SSID WEP AP162DE2 00 30 4F 16 20 E2 4P16208 Apply Refresh Close 15 Basic Settings ESSID ESSID is used by all wireless devices within the wireless network The ESSID value must be the same on all stations and Access points in this WLAN Channel Select the appropriate channel from the list provided to correspond with your network settings between 1 and 13 in ETSI All wireless devices with the same ESSID will automatically use this channel to communicate with this access point AP Name Change the access point name here if you want to set another name to this Access Point This will enable you to manage your access points with more ease if you have multiple access points in the network Mode Settings Access Point This mode is set to WAP 1966 by default This connects your wireless PCs to a wired network In most cases no change is necessary Up to 63 wireless clients can be connected through WAP 1966 Access Point Client A WAP 1966 set to AP Client mode is able to talk to one WAP 1966 functioning in AP mode and wireless client within its range This mode allows your WAP 1966 client to be the wirelessly bridged to the main WAP 1966 When you select this mode please enter the MAC address of the main WAP 1966 into
3. OK Edit Dial in Profile tix Dialin Constrairts IP Multilink Authentication Erermption Advanced Check the authentication methods which are alowed hor this connection Extensible 4utherticetian Protocol Select the EAF type which ts acceptable for this polce MOE Challenge M Microsoit Encrypted Authentication version E MS CHAF v2 Microsoft Encrypted Authentication MS CH P IY Encrypted Authentication CHAF TN Unencrapted Authentication PAF SPAF LUnatthenticated Access C Alon remobs PPP clients to connect without negotiating any authentication method My 38 Select Internet Authentication Service Local click on Action from top panel Then click Register Service in Active Directory P Internet Authentication Service i ojx Action view elm a el T Open gt Sharh SERVICE E CR Welcome to Internet Authentication Stop Service Service Register Service in Active Directory Internet Authentication Service 145 performs centralized authentication authorization and Help accounting of users who connect to a network using virtual private network VPN and dial up technology 145 implements the IETF standard Remote Authentication Dial in User Service RADIUS protocol Properties To enable the 145 server to read the remote access properties of user accounts in the Active Directory on the Action menu click Register service in Active
4. PLA Wetwmblag amp NET 22Mbps Wireless Access Point Bridge WAP 1966 User s Manual Copyright Copyright 2003 by PLANET Technology Corp All rights reserved No part of this publication may be reproduced transmitted transcribed stored in a retrieval system or translated into any language or computer language in any form or by any means electronic mechanical magnetic optical chemical manual or otherwise without the prior written permission of PLANET PLANET makes no representations or warranties either expressed or implied with respect to the contents hereof and specifically disclaims any warranties merchantability or fitness for any particular purpose Any software described in this manual is sold or licensed as is Should the programs prove defective following their purchase the buyer and not this company its distributor or its dealer assumes the entire cost of all necessary servicing repair and any incidental or consequential damages resulting from any defect in the software Further this company reserves the right to revise this publication and to make changes from time to time in the contents hereof without obligation to notify any person of such revision or changes All brand and product names mentioned in this manual are trademarks and or registered trademarks of their respective holders Federal Communication Commission Interference Statement This equipment has been tested and found to comply w
5. Besides when the WAP 1966 is configured to repeater mode you can only manage the AP through LAN interface and the PC s connected to its LAN port can not communicate with other wireless clients You need to input the remote AP s MAC address is this mode is enabled Switch Access Point 50 Chapter 6 Troubleshooting This chapter gives tips on how to configure the communication software This chapter provides solutions to problems usually encountered during the installation and operation of the Wireless Network Access Point Read the description below to solve your problems Can run an application from a remote computer over the wireless network This will depend on whether or not the application is designed to be used over a network Consult the application s user guide to determine if it supports operation over a network Can play games with other members of the cordless network Yes as long as the game supports multiple plays over a LAN local area network Refer to the game s user guide for more information What is the IEEE 802 11b standard The IEEE 802 11b Wireless LAN standards subcommittee which is formulating a standard for the industry The objective is to enable wireless LAN hardware from different manufactures to communicate What IEEE 802 11 features are supported The product supports the following IEEE 802 11 functions w CSMA CA plus Acknowledge protocol w Multi Channel Roaming w Automatic
6. Remote AP BSS ID field Wireless Bridge This mode connects two physically separated LAN segments by using two WAP 1966s The remote WAP 1966 also needs to be set up as a Wireless Bridge The designated access point with which it communicates is identified by the Remote Bridge MAC It corresponds to the MAC Address of the remote Wireless Bridge Multiple Bridge This mode allows you to construct a network that has multiple WAP 1966s bridging multiple LANs wirelessly For all bridged WAP 1966s configure them in Multiple Bridge mode and all the WAP 1966s must be configured on the same channel You can have up to 14 WAP 1966 to be bridged together Repeater This mode allows you to extend the range of your wireless network When the AP is configured to repeater mode it will repeat the wireless signal from wireless client to access point Thus the wireless connection distance can be extended However the performance will become half of normal performance since the WAP 1966 use the same wireless channel to receive and transmit Besides when the WAP 1966 is configured to repeater mode you can only manage the AP through LAN interface and the PC s connected to its LAN port can not communicate with other wireless clients You need to input the remote AP s MAC address is this mode is enabled Advanced setting when you press the Advanced Setting button the dialog box below will appear You can set more details parameters in this scree
7. Trap receiver specifies the Network Management Stations NMS that will receive trap messages from the SNMP agent of WAP 1966 3 2 Configure through 22M AP Utility The 22M AP Utility is provided to configure the WAP 1966 It can be used to configure multiple WAP 1966s at the same time in an easiest way 3 2 1 Install 22M AP Utility la Insert the User s Manual and Utility CD into the CD ROM drive 2 Run setup exe under E Utility WAP 1966 directory or click the Start button and choose Run When the dialog box appears enter E Utility WAP 1966 setup exe Assume E is your CD ROM drive You will see the dialog box as below Please click Next to continue Installshield Wizard Welcome to the InstallShield Wizard for 22H AP Utility The InstallShield Wizard will install 22h AP Utility on your computer To continue click Next i Cancel de You can click Browse to specify the Destination Folder that you want to install the utility Or you can keep the default setting and click Next to continue 13 Instal hield Wizard Choose Destination Location Select folder where Setup will install files helene 4 Please click Finish to complete the software installation InstallShield Wizard InstallShield Wizard Complete Setup has finished installing 22M AP Utility on your computer 3 2 2 22M AP Utility configuration After installing utility you can
8. Utilize Direct Sequence Spread Spectrum DSSS Technology and support the modulation of PBCC mode to provide robust interference resistant solution in a multi user environment Wireless LAN support IEEE 802 1X Authentication 64bit 128bit 256bit WEP encryption Support up to 63 users For best performance the suggested maximum clients number of one WAP 1966 in AP mode is 25 Support MAC Address Filtering Built in DHCP Server Adjustable antenna transmit power Four operating modes including AP AP client Repeater and Bridge Point to Point sis Point to MultiPoint e Provide Windows based configuration utility and Web Configuration 1 4 Specification IEEE 802 11b Compliant DSSS Direct Sequence Spread Spectrum QPSK BPSK CCK PBCC One 10 100BASE TX 1 x Dipole Antenna 64 bit 128 bit 256bit WEP encryption 2 4GHz 2 4835GHz Channel 11 Channels US Canada 13 Channels Europe 14 Channels Japan Data Rate 1 2 5 5 11 22Mbps 22Mbps 4X LED Indicators Power WLAN LAN Power Requirement 5V DC 2 5A Temperature Operating 0 55 degree C Storage 10 70 degree C Humidity Operating 5 95 Storage 0 95 Non Condensing 196x120x31mm Output Power 17dBm 1dBm 2dB Antenna Connector Reversed Polarity SMA Male Chapter 2 Hardware Installation Before you proceed with the installation it is necessary that you have enough information about the WAP 1966 1 Locate an optimum location for the WAP 1966
9. You can now specify the profile for users who matched the conditions pou have specified Mote Even though you may have specihed thet users should be denied access the prolle can stil be used E this policy s conditions are overdden on a per Leer basis Edit Profile Back Cancel For TLS Authentication Setup Steps 34 35 34 Select Authentication Tab 35 Enable Extensible Authentication Protocol and select Smart Card or other Certificate for TLS authentication Click OK Then go to step 38 30 Edit Dial in Profile 5H x Dialin Constrairts IP Multilink Authentication Enerption Advanced Check the auihentcaton methods which are allowed for this connection If Extensible 4uthertication Protocol gt Select the ESP type which ts acceptable for this polcy Smart Card or other Certhicate Configure M Mictosatt Encripted 4uthenlication version 2 MS CHAP 2 M Microzott Encrypted Authentication MS CH4P T Encrypted Authentication CHAF O Unernerypted Authenticalian PAF SPAF Unatthenticated Access Allow remote PPP clients to connect without negotiating any authentication method Cancel Amy For MD5 Authentication Setup Steps 36 37 36 Select Authentication Tab 37 Enable Extensible Authentication Protocol Select MD5 Challenge and enable Encrypted Authentication CHAP for MD5 authentication Click
10. and 2 this Device must accept any interference received including interference that may cause undesired operation Federal Communication Commission FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure set forth for an uncontrolled environment In order to avoid the possibility of exceeding the FCC radio frequency exposure limits human proximity to the antenna shall not be less than 20 cm 8 inches during normal operation R amp TTE Compliance Statement This equipment complies with all the requirements of DIRECTIVE 1999 5 CE OF THE EUROPEAN PARLIAMENT AND THE COUNCIL OF 9 March 1999 on radio equipment and telecommunication terminal Equipment and the mutual recognition of their conformity R amp TTE The R amp TTE Directive repeals and replaces in the directive 98 13 EEC Telecommunications Terminal Equipment and Satellite Earth Station Equipment As of April 8 2000 Safety This equipment is designed with the utmost care for the safety of those who install and use it However special attention must be paid to the dangers of electric shock and static electricity when working with electrical equipment All guidelines of this and of the computer manufacture must therefore be allowed at all times to ensure the safe use of the equipment Revision User s Manual for PLANET Wireless Access Point Model WAP 1966 Rev 1 0 September 2003 Part No EM WAP1966 TABLE OF CONTENTS CHAPTER TIN
11. 0 pe gt Microsoft Certificate Services Yy User Certificate Identifying Information All the necessary identifying informmab on has already been collected You may now submit your request 6 The Certificate Service is now processing the certificate request 49 Links 3 Microsoft Certificate Seraces Microsoft Internet Ecplorer Fie Edit view Favorites Tous Help lt iT y A gt j i Q 010 Pur yrn Aa G LE Address a http 192 166 1 10 certsry certrqbi espitype 0 v eGo links Microsoft Cerliticsta Services Home User Certificate Identifying Information All the necessary identifying information has already been collected You may now submit your request More Options Watne for server response 7 The certificate is issued by the server click Install this certificate to download and store the certificate to your local computer p7 Microsoft Certificate Senaces HicrosoH Internet Explo rer Fie Edit view Favorites Toos Help P EES 3 x E TA Jo Search SiP Favorites A Hoda gt le da Address E http LI a A Link icrosod Certiticaie Serices Wr Home Certificate Issued The certificate you requested was issued to you Her Install Mis certificate 8 Click Yes to store the certificate to your local computer Root Certificate Store 1 Do you want to 400 the following certficete to the Rook Store Subjec
12. Rate Selection w RTS CTS feature w Fragmentation w Power Management What is PBCC This new products use the ACX100 chip from Texas Instruments In addition to meeting the existing standard the chip also supports a new modulation scheme developed by TI called Packet Binary Convolution Code PBCC It s this scheme that gives the products the extra kick Even at lower speeds PBCC provides better performance at greater distances and it can also work at 22 Mbps What is Ad hoc An Ad hoc integrated wireless LAN is a group of computers each with a WLAN adapter Connected as an independent wireless LAN Ad hoc wireless LAN is applicable at a departmental scale for a branch or SOHO operation What is Infrastructure An integrated wireless and wired LAN is called an Infrastructure configuration Infrastructure is applicable to enterprise scale for wireless access to central database or wireless application for mobile workers What is Roaming Roaming is the ability of a portable computer user to communicate continuously while moving freely throughout an area greater than that covered by a single Wireless Network Access Point Before using the roaming function the workstation must make sure that it is the same channel number with the Wireless Network Access Point of dedicated coverage area 59
13. client must be using TI chipset and configured 4X mode enabled to make it effective This mode is supported only when the WAP 1966 is configured to AP mode 3 1 6 Security You can change Administrator ID Password and set the MAC Filter settings in this option 10 wizard Status Basic Setting IP Setting Advanced Setting 802 1x Tools Password Administratorid admin AP Password New FP Confirm eS MAC Filter Enabled Disabled Only deny PCs with MAC listed below to access device Only allow PCs with MAC listed below to access device 1 10 x Password Enter the new password in the AP Password New field and again in the next field to confirm Click on Apply to execute the password change The Password is case sensitive and can be made up of any keyboard characters The new password must be between 0 and 15 characters in length MAC Filters Filter function is for the administrator to authorize who can gain network access through the Access Point by using MAC address filtering By choosing the Allow radio button only MAC addresses in the Authorization table will be allowed to communicate with the Access Point By choosing the Deny radio button any MAC address in the table will be denied association with the Access Point You can have up to 50 MAC addresses configured on it 3 1 7 802 1x This screen enables you to configure 802 1X authentication 802 1x Enabled Disabled Encryption Key
14. 66 in the Client address text field a memorable name for WAP 1966 in the Client Vendor text field the access password used by WAP 1966 in the Shared secret text field Re type the password in the Confirmed shared secret text field 27 27 Click Finish Add RADIUS Client xi Chert Information Specify information regarding the client Client addiess IP or DNS i 92 168 11 Verify Chent Yendaor RADIUS standard a T Client must always send the signature attribute in the request Shared secret ka Confirm shared secret E e 28 In the Internet Authentication Service right click Remote Access Policies 29 Select New Remote Access Policy 2 Internet Authentication Service 3 iol x Action View I Eim Es Tree Es Allow access IF dial in permission ls enabled Internet Authentication Service Local 3 Clients A Remote Access Loggng remote Access Policies Export List Help 30 Select Day And Time Restriction and click Add to continue 28 Select Attribute x S lect the type of attribube to add and then chock the Add Button ttnbuts types Lalled station ld Phone number dialed oy user Calling Station ld Phone number from which call originated Clent Friendly H ame Frendly name for the RADIUS client 145 ony Chent lPAyddress IF address of RADIUS client 145 only Clentendor Manufacturer ol
15. Directory For more information about setting up IAS see Checklist Configuring LAS for dial up and VPM access and Checklist Configuring IAS to outsource dial up access in online Help For more information on 145 deployment fe ee rt Er 39 Go to Start gt Program gt Administrative Tools gt Active Directory Users and Computers 40 Right click on the domain and select Properties a Active Directory Users and Computers E ioj xj i Console Window Help lej ato vw e Gln BS waves Tree FAELOCAL 5 objects ify Active Directory Users E EP Lili builtin Comain Es Delegate Control orkainer Default container For upar En Find Prgsnizational Default container for new ia ortainer Default container For secu C Comet to Domain Controler ortalner Default container For upar se Operations Masters New k All Tasks view k New Window from Here Refresh Export List Properties Opens pro Help 41 Select Group Policy tab and click Edit to edit the Group Policy 4 30 FAE LOCAL Properties Fix General Managed By Group Policy Current Group Policy Object Links for FSE Group Police Obiect Links Dlelauk Domain Policy MoU veride Disabled Group Paley Objects higher in the list have the highes priority This list obtained tram faei FAE LOCAL Hew F Up Options Properties Down T Bl
16. Length 64bits 128 bits 256bits Lifetime 30 Minutes x RADIUS Server 1 IP bo fk bt fk Port Na Shared Secret REE tonal P D A A A JU Port bo Shared Secret le Enable Disable Enable or disable 802 1X authentication of WAP 1966 Encryption Key Select one of the Encryption key length options It should be set the same length as WEP key Select one of the Encryption key lifetime options Once the lifetime expires the Encryption key will be renewed by RADIUS server RADIUS Server 1 Enter the IP address communicate port number and shared secret key of your primary RADIUS server RADIUS Server 2 Enter the IP address communicate port number and shared secret key of your secondary RADIUS server Note As soon as 802 1X authentication is enabled all the wireless client stations that are connected to the AP currently will be disconnected The wireless clients must be configured manually to authenticate themselves with the RADIUS server to be reconnected 3 1 8 Tools You can backup or restore WAP 1966 settings reset WAP 1966 to factory default and upgrade firmware in this option wizard Status Basic Setting IP Setting Advanced Setting Security 802 1x Backup Settings Backup Restore Settings Browse Restore ne Default Firmware Upgrade Browse Upgrade Help SNMP Enabled Disabled System Location system Contact Community public tt t lt t lt i S Trap Rec
17. RADIUS pros or MAS 18 5 onl AAA Time oenod and day of week duning which use Framed Protocol The protocol to be used MAS identifier Sting identiying the MAS onginating the request M45 lP adcress IF address of the NAS onginating the request 16 MAS Por Type Type of physical port used by the MAS orginatin Seice ype Type of service user has requested Tunnel Type Tunneling protocol to be used Windows Gioups Windows groups that user belongs to E Lancel 31 Unless you want to specify the active duration for 802 1X authentication click OK to accept for having 802 1x authentication enabled at all times Time of day constraints XxX c 3 x 12 2 4 5 8 10 12 2 4 6 8 10 12 all Lance Tuesda A Pemited Wednesday IAN Denied Thureday TAN Fides LL aude O NAS Sunday thiough Saturday amd 24M to 12 AM 32 Select Grant remote access permission and click Next to continue 99 Add Remote Access Policy f E x Permissions Determine whether to gant or deny remote access permission You can Lee a Remote Access Policy ether to grant certain access privileges to a group of users of to act as fiker and deny access pivileges to a group of users IF auser matches the speched comditiors f Grant emote access permission C Deny remote access permission 33 Click Edit Profile Add Remote Access Policy 7 3 x User Profile Specity the user pralle
18. Select this opbon to provide authenticated network access for wired and wireles Elhemet networks 2 Enable nebvork access control using IEEE 302 1 J MODE Challenge MODE Challenge Smat Card or other Certificate Uthenicae as computer when computer infomation is available Suthenticate 35 quest when user or computer mboimetion is unavailable OF Cancel 12 Click OK 39 13 When wireless client has associated with WAP 19665 a user authentication notice appears in system tray Click on the notice to continue YU Sel 5 iL Wireless Network Connection x Chck hereto enter your user name and password For the retwork PLANET AP PRE IE 14 Enter the user name password and the logon domain that your account belongs 15 Click OK to complete the validation process Wireless Hebwork Connection User name test Logon doman FAE LOCAL 4 4 2 EAP TLS Authentication Get Digital Certificate from Server The following procedures are based on obtaining a certificate from Windows 2000 Server which acts as a CA server Furthermore you must have a valid account password to access the server 1 Active web browser enter http 192 168 1 10 certsrv in the Address field which 192 168 1 10 is the IP address of our server This will directly access to Certificate Service of a Windows 2000 server A AQ dialog box will prompt you to enter user name and password
19. TRODUG HON iii e ec o teo 1 Ad AG AGE CONIEN T nr de ON et a ET Re 1 12 SYSTEM REGUIREMENTS Res die e seen 1 SI AEAN O td St II 1 MNASPECIE CAT ON o o ce eh ee 2 CHAPTER 2 HARDWARE INSTALLATION cccccoccccncnccncnonnnnonnnnnnnnncnnnnnnrnnnnrnnnnnnrnnnarnananarnanannas 3 CHAPTER 3 CONFIGURING THE WIRELESS ACCESS POINT ccecesceeceececeeceeceeceeeees 4 3 1 CONFIGURE THROUGH WEB BROWSER nan RE dd cet ith cow esse cs 4 ES Aer NG VIA Se A RATE a PED ECS ERE CEES OER PLE A en ee le 4 de a D A en ne eee eee eee 6 O A A 7 SAIF DOMO OS A AA nt E 7 SLO AOVANCEO SEUNS a E a a ee a E ei 8 EA e R E E E E 10 DM TOO O E E E E AAN EA ce cl E AEA 11 GLO TOOS aore a r E TA a Gc 12 3 2 CONFIGURE THROUGH 22M AP UTILITY 0 cccccccecececcecececececcccncecccecacaccesecnceeasscceceneeeeas 13 SL MIS TACA MARI ai A E A E EO E 13 322 22M AP UY CONA QUAN A AAA A 14 CHAPTER 4 802 1X AUTHENTICATION SETUP uu cece eceeeecececneeceesecececceeeeececeeeeneceneeeeeenens 21 4 1802 1X INFRAS FRUGC TURE 2 nn teed sac odititaddbakSuu alo 21 42 RADIUIS SERVER SETUP vince e S en eds e ie 22 42 io A entend tien nes nine essaie neue 22 422 S01HD PIOCOQUIC S cn ceciane a A a nee near T aE 22 ASS AUTHENTICATOR SE TPE En a dada 36 ANN IREFESS CLIENT SETUP arent leh a et Rs die de 37 4 4 1 EAP MD5 AUth ntiCatiOn 1 ccccccccecececenccecscucscncensnensnensneneneneneneneneuauevetensnenensaeusuenes 37 4 4 2 EAP TLS AUN ICAO a ad 40 CHAPTER 5 APPLICATION o
20. The best place for your WAP 1966 is usually at the center of your wireless network with line of sight to all of your mobile stations 2 Assemble the antenna to WAP 1966 Try to place them to a position that can best cover your wireless network The antenna s position will enhance the receiving sensitivity 3 Connect RJ 45 cable to WAP 1966 Connect this WAP 1966 to your LAN switch hub or a single PC 4 Plug in power adapter and connect to power source After power on WAP 1966 will start to operate Note ONLY use the power adapter supplied with the WAP 1966 Otherwise the product may be damaged If you want to reset your WAP 1966 to default settings press the Reset button 5 second And then wait for 10 seconds for WAP 1966 to reboot Chapter 3 Configuring the Wireless Access Point 3 1 Configure through Web Browser Web configuration provides a user friendly graphical user interface web pages to manage your WAP 1966 An AP with an assigned IP address e g http 192 168 1 1 will allow you to monitor and configure via web browser e g MS Internet Explorer or Netscape 1 Open your web browser 2 Enter the IP address of your WAP 1966 in the address field default IP address is http 192 168 1 1 Please note that your PC s IP address should be on the same IP subnet of the WAP 1966 For example you can configure your PC s IP address to 192 168 1 2 if WAP 1966 is with IP 192 168 1 1 3 AUser Name and Password dia
21. Threshold too low may result in poor performance DTIM Interval Beacon Rate Specify the Beacon Rate Enter a value between 1 and 65535 that specifies the Delivery Traffic Indication Message DTIM A DTIM is a countdown informing clients of the next window for listening to broadcast and multicast messages When the AP has buffered broadcast or multicast messages for associated clients it sends the next DTIM with a DTIM Interval value AP Clients hear the beacons and awaken to receive the broadcast and multicast messages Authentication Type The authentication type defines configuration options for the sharing of wireless networks to verify identity and access privileges of roaming network cards You may choose between Open System Shared Key and Both Open System Open System authentication is the simplest of the available authentication algorithms Essentially it is a null authentication algorithm Any station that requests authentication with this algorithm may become authenticated if Authentication Type at the recipient station is set to Open System authentication Open System authentication is the default authentication algorithm Shared Key Shared Key authentication supports authentication of STAs as either a member of those who know a shared secret key or a member of those who do not Preamble The preamble defines the length of the CRC block for communication between the Access Point and roaming Network Card Long preamble ensure the ne
22. addresses The term refers to two things the conventions for naming hosts and the way the names are control across the Internet If your network has a DHCP server you can select Obtain IP Automatically to get the IP address from your DHCP server Or you can select Fixed IP to set the IP settings manually WAP 1966 has build in DHCP server By default is Off If you have a DHCP server in your network already please set the DHCP server function to Off When you assign an IP address to this access point please ensure this IP address is on the same IP range as DHCP Server settings Note When you select Obtain IP Automatically DHCP Sever will be disabled automatically 3 1 5 Advanced Settings You can set the WAP 1966 operation mode and relative settings After configuration please click Apply to save your settings wizard Status Basic Setting IP Setting AP Mode AP Site Survey C AP Client Remote AP BSS ID 000000000000 Wireless Bridge Remote Bridge mac Multiple Bridge Repeater Remote AP MAC Beacon Interval 100 msec range 1 1000 default 100 DTIM Interval E range 1 255 default 3 Authentication Type Open System Shared Key Both Preamble Short Preamble Long Preamble Basic Rate 1 2 Mbps 1 2 5 5 11 Mbps 1 2 5 5 11 22 Mbps Supported Rate 1 2 Mbps 1 2 5 5 11 Mbps 1 2 5 5 11 22 Mbps Antenna Selection Left Antenna Right Antenna Diversity Anten
23. ce that the default antenna cannot reach consult your local dealer for more about how to extend your distance Switch Switch S ESP Me Aree Bridgemode Bridgemode Note Please do consult your local dealer about the external or directional antenna you would like to install and get the connection Improper outdoor antenna installation could damage the Access Point or get injured or get killed in some condition like thunders or strong winds 5 4 Multiple Bridge mode For multiple LANs the WAP 1966 also helps to make the connections With this mode three or more LANs can bridge to each other Switch Switch Multibridge mode Multibridge mode Multibridge mode Note The mode Multiple Bridge will turns the Access Points for example the above three Access point in the figure into one network domain This also means your three Ethernet networks will use 22Mbps 49 transmission rate to communicate with each other In a large network please consider using management device to reduce the network broadcast to the wireless network 5 5 Repeater mode When WAP 1966 works in repeater mode it will repeat the wireless signal from AP to wireless client or from wireless client to AP Thus the distance between wireless client to AP can be double However the trade off is the connection speed between wireless client to AP become half since the WAP 1966 repeat the wireless signal on same channel
24. configured on the same channel You can have up to 14 WAP 1966 to be bridged together Repeater This mode allows you to extend the range of your wireless network When the AP is configured to repeater mode it will repeat the wireless signal from wireless client to access point Thus the wireless connection distance can be extended However the performance will become half of normal performance since the WAP 1966 use the same wireless channel to receive and transmit Besides when the WAP 1966 is configured to repeater mode you can only manage the AP through LAN interface and the PC s connected to its LAN port can not communicate with other wireless clients You need to input the remote AP s MAC address is this mode is enabled Beacon Interval Specify the Beacon Interval value Enter a value between 1 and 1000 Beacons are packets sent by an Access Point to synchronize a wireless network RTS Threshold Use this field to specify a value for the RTS Threshold Enter a value between 256 9 and 2432 This value should remain at its default setting of 2 432 Should you encounter inconsistent data flow only minor modifications are recommended Fragmentation Threshold This field is used to specify the fragmentation threshold Enter a value between 256 and 2346 If you experience a high packet error rate try to slightly increase your Fragmentation Threshold The value should remain at its default setting of 2 346 Setting the Fragmentation
25. default password for administrator login name is admin is admin You can change the Password in this step Click Next gt Step 2 Set the SSID and Channel E 22Mbpe Access Point Microsoft Intermet Explorer s LAN Connection Enter the SSID of the wireless network and select the frequency channel that this Access Point will operate in Click Mext to continue setup or Exit to quit setup wizard BSsiD AP044980 MA Channel 6 Enter the SSID of your WLAN and select the frequency channel Click Next gt Step 3 Set Encryption E 22 Mbps Access Pomt Microsoft Intemet Explorer You may enable WEP security for data encryption by selecting Enabled Select one of the WEP encryption key size and enter the value of the key in the text fields below Click Next to continue with setup or Exit to quit setup wizard E Yep Enabled Disabled B Yep encryption 64Bit E Key 1234567890 Input 10 HEX characters HEX is 09 A F or a f OS gt gt back next exit You can enable WEP encryption and set WEP key in this screen Click Next gt to continue Step 4 Restart Y 22M bps Access Point Microsoft Intemet Explorer The Access Point setup is now completed If you want to change any setup settings click Back to go back to the previous pages Click Restart to reboot the Access Point for the new settings to take effect OO A back restart exit Please click the Restart b
26. ed onto different subnets this can remain blank DHCP Client If there is a DHCP Server in your LAN you can select DHCP Client to let the WAP 1966 be a client to get an IP address from your DHCP server 18 3 2 2 4 WEP Settings 5 PLANET WAP 1966 S 5 x Link Information M Data Encryption AP Settings Auth Mode Auto Switch WEP Key Setting Hex ASCII WEP Settings Key Length E4 bits 802 1X Settings e C m Key 2 IP Settings Key 3 Key 4 Copyright 2003 PLANET VW4P 1966 Configuration Ltilit version 15 q El Apply Retrest Close Data Encryption Select this option when you want to enable WEP function Auth Mode Open Authentication With this setting any station in the WLAN can receives and transmits data from the Access Point null authentication Shared Authentication With this setting only stations using shared key encryption identified by the Access Point are allowed to associate with it Auto Switch With this setting stations can communicate with the Access Point either with or without data encryption WEP Key Settings You can define the WEP Wired Equivalent Privacy function by yourself There are 4 keys available please ensure you have enter correct number for the key values with different Key Length and coding Hex or ASCII as 64bit 10 Hex digit 5 ASCII 128bit 26 Hex digit 13 ASCII or 256bit 58 Hex digit 29 ASCII please select one of the
27. eiver 1 booo 26000 36500 Apply Cancel Help Backup Settings You can backup current settings to a file Press Backup button it will prompt you a location to save the backup file config bin Restore Settings When you try to restore the settings you have saved please press Browse to find out the backup file and then press Restore Restore to default settings It is used to reset WAP 1966 s configuration to factory default Firmware Upgrade You can upload the newest firmware of the WAP 1966 You may either enter the file name in the entry field or browse the file by clicking the Browse button SNMP Simple Network Management Protocol SNMP is a communication protocol for managing 12 devices on a network It is commonly used for network administrators to communicate with multiple devices hub switch router for configuring and monitoring while convenient for troubleshooting but no miscellaneous platform consideration The built in SNMP is an agent which watches the status of it self The Network Management Station A computer attached to network with SNMP management program well installed can be used to access it System Location Input the system location for NMS to identify this AP System Contact Input the system contact for NMS to identify this AP Community A valid entry of Community String is for authentication to login to the SNMP agent for reading information Trap Receiver
28. elf You can also use utility to configure 802 1X settings The procedures are similar to above described 4 4 Wireless Client Setup Windows XP is originally 802 1X support As to other operating systems windows 98SE ME 2000 an 802 1X client utility is needed The following procedures show how to configure 802 1X Authentication with WL 3555 in Windows XP Please note that if you want to change the 802 1x authentication type of a wireless client i e switch to EAP TLS from EAP MD5 you must remove the current existing wireless network from your preferred connection first and add it in again 4 4 1 EAP MD5 Authentication 1 Go to Start gt Control Panel double click on Network Connections 2 Right click on the Wireless Network Connection which using WL 3555 3 Click Properties to open up the Properties setting window Wireless Network Connection Status FE General Support Connection Status Connected Duratior 01 47 43 Speed 22 0 Mbps Signal Strength q nail Actrviby Bute 4 Click on the Wireless Network tab 37 Wireless Hetwork Connection Properties ales General f Wireless Networks Authentication Advanced Connect using EN ZM WLAN PCT Adapter Thiz connection uses the following temz Cal EP Printer Chain fe fo Herat Hetworks M JE oS Packet Scheduler W Internet Protocol T CPP Install Uninstall Descnption Alows pour computer to access resources
29. found the icon M AP Mitt on your desktop please double click this icon to run the configuration utility and select each option to setup your Access Point as you need After settings in each option please press Apply to save It will show you the dialog box to enter User Name and Password By default the User Name and Password is admin LE Login Management Login UserName oo Password Po 14 3 2 2 1 Link Information E PLANET WAP 1966 Link Information AP Settings IP Settings WEP Settings 07 1 Settings Copyright 2003 PLANET WWAP 1966 Configuration Utility version 1 6 AP1620E2 lox Statu AP Mame AP1b20E2 ESSID APTEZDE2 IP Address 203 70 249 175 Mac Address 00 50 4P 16 20 E2 Domain o pl Channel EBS WEP Security Disable 00 30 4F 16 20 E214P16208 Apply Refresh Close When the configuration utility starts it will show you the first option Link Information You can view the first Access Point s current setting Note If you have many WAP 1966 all the WAP 1966s will list in Available AP You can select the WAP 1966 that you want to check then you can see the settings of the WAP 1966 3 2 2 2 AP Settings E PLANET WAP 1966 Link Information AP Settings IP Settings WEP Settings 002 1X Settings Copyright 2005 PLANET WWAP 1 966 Configuration Utility version 1 6 5 x Basic Setting ESSID AP1620E2
30. he client sends an EAP start message to WAP 1966 2 WAP 1966 replies with an EAP Request ID message 3 The client sends its Network Access Identifier NAI its user name to WAP 1966 in an EAP Respond message 4 WAP 1966 forwards the NAI to the RADIUS server with a RADIUS Access Request message 91 5 The RADIUS server responds to the client with its digital certificate 6 The client validates the digital certificate and replies its own digital certificate to the RADIUS server 7 The RADIUS server validates client s digital certificate 8 The client and RADIUS server derive encryption keys 9 The RADIUS server sends WAP 1966 a RADIUS ACCEPT message including the client s WEP key 10 WAP 1966 sends the client an EAP Success message along with the broadcast key and key length all encrypted with the client s WEP key 4 2 RADIUS Server Setup 4 2 1 Required Services After Windows 2000 server has been installed please install Service Pack 2 also and other latest security patch Furthermore the following service components are needed n Active Directory Please consult with your network administrator or an engineer who is familiar with Windows 2000 server to install Active Directory otherwise your system or network might be unstable n IAS Internet Authentication Service n Web Server IIS n Certificate Service 4 2 2 Setup Procedure 1 Login into Windows 2000 Server as Administrator or account tha
31. ith the limits for a Class B digital device pursuant to Part 15 of FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures 1 Reorient or relocate the receiving antenna 2 Increase the separation between the equipment and receiver 3 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected 4 Consult the dealer or an experienced radio technician for help FCC Caution To assure continued compliance example use only shielded interface cables when connecting to computer or peripheral devices Any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment This device complies with Part 15 of the FCC Rules Operation is subject to the Following two conditions 1 This device may not cause harmful interference
32. ive Tools gt Certificate Authority 8 Right click on the Policy Setting select new 9 Select Certificate to Issue i Certification Authority e Ga Fe intended Purpose Gad EFS Recovery Agent Fie Recovery E 4 Wireless Ga Basic EFS Encrypting Ale System Revoked Certficates GA Domain Controler Client Authentication Server Autant E sued Certificates al Web Server Server Authentication ft Pending Requests GA Computer Client Authentication Server Aubhentii E Failed Requests FE Encrypting Ale System Secure Email ID x BCE Wew Tres Certification Authority Local ation Authority Code Storing Microsoft Trost List Signi fey Refresh Export list Hep Add a Certficate Template to the ist of Certificate Templates issued by this Certfica 10 Select Authenticated Session and Smartcard Logon by holding down to the Ctrl key and click OK to continue 54 Select Certificate Template Select a certiicate template to issue cerblicates Secure Email Cler Secure Email Cher Client Sutherticatic Client Autherticatic Code Stoning Microsoft Trust List Cratificate Renau 5 cancel 11 Go to Start gt Program gt Administrative Tools gt Active Directory Users and Computers 12 Right click on domain and select Properties to continue Tree Ae Au kive Director
33. k traffic between hosts to be separated based on the network s configuration In IP networking traffic takes the form of packets IP subnets advance network security and performance to some level by organizing hosts into logical groups subnet masks contain four bytes and usually appear in the same dotted decimal data For example a very common subnet mask in its binary demonstration 11111111 11111111 11111111 00000000 will usually be shown in the corresponding more readable form as 255 255 255 0 Gateway A gateway is a piece of software or hardware that passes information between networks You ll see this term most often when you either log in to an Internet site or when you re transient email between different servers DHCP DHCP is a protocol for dynamically assigning IP addresses to networked computers With DHCP a computer can automatically be given an exclusive IP address each time it logs on to a network making IP address management an easier job for network administrators When a computer connects to the network the DHCP server selects an IP address from a master list and assigns it to the system The device must set to Obtain the IP address automatically The Wireless Access Point Gateway s DHCP server is disabled by default If you would like to enable the DHCP server click on the On bottom DNS When you send email or position a browser to an Internet domain such as xxxxx com the domain name system translates the names into IP
34. log box will appear Please enter your User Name and Password here Default User Name and Password are both admin Click Ok Enter Network Password 21 e Please type Your user name and password Site 192 168 25 133 Realm AF046555 User Name Password Save this password in your password list Cancel 4 Then you will see the WAP 1966 web configuration page 3 1 1 Wizard Setup wizard provides a simple way to configure your WAP 1966 Clicking Wizard button on top panel of WAP 1966 s web page Setup Wizard will pop up as below 2 2 Mbps Access Point Microsoft Internet Explorer Welcome to the Mbps Access Point setup Wizard The Wizard will direct you through these four quick steps Start by clicking on Next astep 2 Set the SSID and Channel step 3 Set Encryption step 1 Set your new password step 4 Restart To quick configure WAP 1966 please follow the steps below to complete the configuration Click Next gt to continue Step 1 Set your new password E 22Mbps Access Pomt Microsoft Intemet Explorer Set Password You may want to change the Administrator password of this Access Point to prevent authorized modification to the configuration settings Enter your new password in the following text fields Click Next to continue with setup or Exit to quit setup wizard M Password papas E Verity Password Fees gt gt back next exit The
35. m and enter the key you want to use When Hex is selected you may enter alphanumeric characters in the range of A F a f and 0 9 in the WEP Key entry field Alternatively you may enter digit hexadecimal values in the range of a z A Z and 0 9 Note If you have many WAP 1966s in LAN and you want to set them have the same WEP key You can set one of them and then select all the WAP 1966 in the Available AP and press Apply You will see a dialog box appears as below You can enter their User Name and Password in this dialog box and Click OK to apply 19 T Losin Management 3 i m x APOBDBBS O0 30 4F 08 D6 68 AP046589 00 30 4F 04 65 89 DK Cancel 3 2 2 5 802 1x Settings PLANET WAF 1966 3 Eley xj Link Information Use Seating M 802 1 Function AP Settings Encryption Key Length s bits Lifetime ao Minutes IP Settings RAIUS Server Port 1812 WEP Settings ee Address ele fa JE 602 1X Settings Shared Secret FR RADIUS Server 2fOptional Port Te pases PIE EE EE Shared Secret FE Name MacAddress ESD AF1620E2 00 30 4F 16 20 E7 AP162061 Copyright 2003 PLANET WAF 1966 Configuration Utilit s version 16 4 y Apply Refresh Close 802 1X Function Enable or disable 802 1X authentication of WAP 1966 Encryption Key Select one of the Encryption key length options It should be set the same length as WEP key Select one of the Encryptio
36. mnetion is unavailable Cancel 11 Click OK 12 When wireless client has associated with WAP 1966 Windows XP will prompt you to select a certificate for wireless network connection If you only have one certificate in local computer system will automatically use it for authenticate If you have multiple certificates in local computer click on the network connection icon in the system tray to continue TEE 2 oe D AD hes LD Wireless Network Connection x Chick hereto enter your user name and password For the retwork PLANET AP stait 13 Select the certificate that was issued by the server in our demonstration WirelessCA and click OK to continue AG Connect Wireless Network Connection Friendly name Feel mt Wireless CA Expiration date 1 6 2004 4 02 08 Pe 14 Make sure this certificate is issued by correct server and click OK to complete the authentication process Volidate Server Certificate 4 The Root Certification Author Es for the servers certificate IS Wireless a Do you wank bo accept this connection 47 Chapter 5 Application This chapter describe the four operating mode of your WAP 1966 The four working modes of WAP 1966 are Access Point Access Point Client Mode Wireless Bridge mode and Multiple Bridge mode 5 1 Access Point mode With this mode your Wireless network connection could act as following age switch Access Point
37. mode i Roaming Any of your IEEE802 11b end nodes should found the nearest Access Point to communication with any other Wireless end nodes or the wired Ethernet network There are two things need to be check for your wireless end nodes the services set ID SSID and the Wired Equivalent Protocol WEP both parameters should the same with your Access Point 5 2 Wireless AP Client mode The WAP 1966 can also act as a client on a wireless LAN When configured as AP Client mode WAP 1966 soon makes your connected PC a wireless end node This mode can be deployed if your end nodes already installed with an Ethernet Adapter do not want to make any change but want to move it somewhere not easy to have the wire In this mode WAP 1966 will need to accompany with an existing WAP 1966 in access point mode in the wireless network Access Point Clientmode 48 5 3 Wireless Bridge mode The Wireless Bridge mode help to make the two Ethernet networks connected without any wire With two WAP 1966s in this mode the two LANs in distance can communicate to each other This could be deployed if the networks are hard to make the wire in between Please be noted please key in the MAC address to make the WAP 1966 communicate with a specific remote Access Point you can find the MAC address either from the utility or from the label under the Access Point The omni antenna is with 17dBm transmitting power if you would like to make longer distan
38. n ie E Advanced Setting Advanced Setting Transmission Rates 2 5 5 11 22 hib T Preamble Type Short Preamble oolD Broadcast Enable y Beacon Interval 00 RTS Threshold a OOOO Fragmentation Threshold 2346 OTIM Interval E Antenna selection Diversity Antenna AX Mode Disabled y Antenna Transmit Power 100 17dEm y Transmission Rates You may select transmission rate to 1 2Mbps 1 2 5 5 11Mbps or 1 2 5 5 11 22Mbps Preamble Type The preamble defines the length of the CRC block for communication between the Access Point and roaming Network Card Long preamble ensure the network card to communicate with access point more reliably Verify that you have selected the appropriate preamble type and click the Apply button to set it Note High network traffic areas should use the short preamble type SSID Broadcast This allows the AP to broadcast its SSID Other wireless client with site survey function can easily know this SSID and use this SSID to connect your access point To secure your wireless network from unauthorized users please disable this function Beacon Interval Specify the Beacon Interval value Enter a value between 1 and 1000 Beacons are packets sent by an Access Point to synchronize a wireless network RTS Threshold Use this field to specify a value for the RTS Threshold Enter a value between 256 and 2432 This value should remain at its default setting of 2 432 Should you enc
39. n Properties Ele General Wireless Networks Authentication Advanced Use Windows to configure my wireless network settings Available netuicrk To connect to an avalable network cick Configure Y PLANET AP Configure AP252423 Beanie dot i Wireless Preferednewcorks Automaticall connect to available networks in the order listed below A WES P Move dor configuralior Wireless Hetwork Properties Network name SSID F Wireless network Ley WEP This network requres a key for he following Network key Key lormal Key length 40 bits 5 characters Key index advanced ga _ The key is provided for me sutomalically sa computer to compute ad hoc network Wireless ass pomts are not used Cancel 7 Click OK 8 Click Authentication tab 9 Select Enable network access control using IEEE 802 1X option to enable 802 1x authentication 45 10 Select Smart Card or other Certificate from the drop down list box for EAP type Wireless Metvrork Connection Properties les General Wireless Hetwork Authentication dvanced Select this opbonto provide authenticated network access for wired and wireless Ethemet networks Enable nebyok access control using IEEE SOL TE Smat Card or other Cerbficate we mait Card or other Certificate Autbhenticate as computer when computer infomation it available Authenticate as guest when user or computer info
40. n key lifetime options Once the lifetime expires the Encryption key will be renewed by RADIUS server RADIUS Server 1 Enter the IP address communicate port number and shared secret key of your primary RADIUS server RADIUS Server 2 Enter the IP address communicate port number and shared secret key of your secondary RADIUS server Note As soon as 802 1X authentication is enabled all the wireless client stations that are connected to the AP currently will be disconnected The wireless clients must be configured manually to authenticate themselves with the RADIUS server to be reconnected 20 Chapter 4 802 1X Authentication Setup 4 1 802 1X Infrastructure An 802 1X Infrastructure is composed of three major components Authenticator Authentication server and Supplicant Authentication server An entity that provides an _ authentication service to an authenticator This service determines from the credentials provided by the supplicant whether the supplicant is authorized to access the services provided by the authenticator Authenticator An entity at one end of a point to point LAN segment that facilitates authentication of the entity attached to the other end of that link Supplicant An entity at one end of a point to point LAN segment that is being authenticated by an authenticator attached to the other end of that link In the following sections we will guide you to build an 802 1X Infrastructure step by step The i
41. na SSID broadcast Enable Disable Antenna transmit 100 17dBm wer po 4X Mode Enable Disable AP Mode WAP 1966 has four operation modes By default it is set to AP mode AP This mode is set to WAP 1966 by default This connects your wireless PCs to a wired network In most cases no change is necessary Up to 63 wireless clients can be connected through WAP 1966 AP Client A WAP 1966 set to AP Client mode is able to talk to one WAP 1966 functioning in AP mode and wireless client within its range This mode allows your WAP 1966 client to be the wirelessly bridged to the main WAP 1966 When you select this mode please enter the MAC address of the main WAP 1966 into Remote AP BSS ID field Or you can click on Site Survey button to search available AP in range When you connect to a specific AP its MAC address will appear on the Remote AP BSS ID field automatically Wireless Bridge This mode connects two physically separated LAN segments by using two WAP 1966s The remote WAP 1966 also needs to be set up as a Wireless Bridge The designated access point with which it communicates is identified by the Remote Bridge MAC It corresponds to the MAC Address of the remote Wireless Bridge Multiple Bridge This mode allows you to construct a network that has multiple WAP 1966s bridging multiple LANs wirelessly For all bridged WAP 1966s configure them in Multiple Bridge mode and all the WAP 1966s must be
42. ngs Enable WEP key and enter a desired key string You can skip this step if using EAP TLS Authentication 3 22Mbps wizard Status IP Setting Advanced Setting Security 802 1x Tools AP Name AP24A0C2 SSID abcdef Channel 6 Domain ETSI WEP Key Disable 64bits 128bits 256bits Mode HEX Ga Apply Cancel Help 2 Click on 802 1X for detailed configuration a K gt 22Mbps PONTE wizard Status Basic Setting IP Setting Advanced Setting Security Tools 802 1x Enabled Disabled Encryption Key Length 64bits 128 bits 256bits Lifetime 30 Minutes x RADIUS Server 1 IP bo D EE FE Port Na Shared Secret tonal TP pp UE 6 Port CE Shared Secret 3 Enable 802 1X Authentication by selecting Enable 4 If EAP MD5 is used you can leave the settings in Encryption Key Length and Lifetime as default If you are using EAP TLS authentication set the Encryption Key Length ranging from 64 to 256 Bits and the Lifetime from 5 Minutes to 1 Day As soon as the lifetime expires the Encryption Key will be renewed 36 by RADIUS server 5 Enter the IP address Port number and Shared Secret Key used by the Primary Radius Server 6 Enter the IP address Port number and Shared Secret Key used by the Secondary Radius Server 7 Click Apply The 802 1x settings will take effect right after WAP 1966 reboots its
43. nstructions are divided into three parts RADIUS Server Setup Microsoft Windows 2000 server Authenticator Setup WAP 1966 Wireless Client Setup Microsoft Windows XP WAP 1966 Switch RADIUS File Print Server Server server The above graph shows the network topology of the solution we are going to introduce As illustrated a group of wireless clients is trying to build a wireless network with WAP 1966 in order to have access to both Internet and Intranet With 802 1X authentication each of these wireless clients would have to be authenticated by RADIUS server If the client is authorized WAP 1966 would be notified to open up a communication port to be used for the client There are 2 Extensive Authentication Protocol EAP methods supported 1 MD5 and 2 TLS MD5 authentication is simply a validation of existing user account and password that is stored in a database of RADIUS server Therefore wireless clients will be prompted for account password validation to build the link TLS authentication is a more complicated authentication which is using certificate that is issued by RADIUS server for authentication TLS authentication is a more secure authentication since not only RADIUS server authenticates the wireless client but also the client can validate RADIUS server by the certificate that it issues The TLS authentication request from wireless clients and reply by Radius Server and WAP 1966 can be briefed as follows 1 T
44. o continue 34 test Properties x Member Of Diabin Environment SESSION Remote control Terminal Services Profile General Address Account Prohle Telephones Organization User logon name test FAE LOCAL E User logon name pre Windows 2000 FAES tect Logon Hours Log n To PF Account is locked out Account options D User met change password at nest logan M Usercannot change password oz E D MW Store password using reversible encryotion e Never Endo Friday Februsr 07 2009 48 Go to the Dial in tab and check Allow access option for Remote Access Permission and No Call back for Callback Options Then click OK test Properties 3 alx Remote control Terminal Services Profile General Addres Aceon Profle Telephones Organization Member Of Environment Sermone Remote Access Permission Dial n or WPM Fe Deny access Allow acces Conta access though Remote Access Policy En Veny Galleria Calback Options 5 Mo i f Set by Caller F Ating and Remote Access Service onlul Always Callback to P sdana State lPi ddresa pph Static Rotes Define routes to enable For this Diabin Staic Poules connection Cancel Apply 35 4 3 Authenticator Setup 1 For EAP MD5 Authentication WEP key must be set previously Go to Basic Setti
45. ock Policy inheritance Cancel Apal 42 Go to Computer Configuration gt Windows Settings gt Security Settings gt Account Policies gt Password Policies Double click on Store password using reversible encryption for all users in the domain lolx af Group Policy action view o gt Ellen x e Tree Computer Setting at Default Domain Policy Faecl FA AY Enforce password history 1 passwords remembered ee Computer Configuration fie Mazimumn password age de days E Sofware Settings ig Minimum password age D days E E Windows Settings te Minimum password length O characters E m Scripts Startup Shu So coors couch cael oncle here Micah ES H A Security Settings Store password using reversible encreption F e Account Policies Password Pc H A Account Lol o E kerberos Pol F a Local Policies l gg Event Log 8 Restricted Group pai System Services lid Registry Gl File System H E Public Key Policie Eg IP Securty Polici E E Administrative Template User Configuration E E Sotware Settings 33 43 Click Define this policy setting select Enabled and click OK to continue mars 4 Stoe password using reversible encryotion for al users in te EN domain Security Policy Setting F Deine this policy setting Enabled C Disabled 44 Go to Start gt Program gt Administrative Tools gt Acti
46. on a Microsoft network fe Show icanin notification area when connected ok 5 Click Properties of one available wireless network which you want to associate with Wireless Network Connection Properties Ele General Wireless Networks Authentication Advanced Use Windows to configure my wireless network settings Available networks To connect to an avalable network cick Configure Y PLANET AP Configure i AP252423 Wireless Preferednewcrks ae connect to available networks in the order listed Learn about seting up wirelers network configuralior Cu Comes 6 Select Data encryption WEP enabled option but leave other options unselected 38 7 Enter the network key in Network key text box The string must be the same as the first set of WEP key which you set to WAP 1966 Wireless Network Properties Network name SSID Wireless network key WEP This network requres a key for he following Network key Key format Key length Key ndex advanced _ The key is provided for me automaticaly ue 1 LE Cas 8 Click OK 9 Select Authentication tab 10 Select Enable network access control using IEEE 802 1X to enable 802 1x authentication 11 Select MD 5 Challenge from the drop down list box for EAP type 4 Wireless Network Connection Properties AE General Wireless Metwvworks Authentication Advanced
47. ontrol the transmit power of the WAP 1966 Four options are available 100 50 25 and 12 5 3 2 2 3 IP Settings amp PLANET WAP 1966 oix Fixed IP Address Link Information I DHCP Server DHCP Client AP Settings IP Address Setting IP Settings IP Address 203 i o WEP Settinas Subnet Mask 255 255 Gateway Los 70 DHCP fom EN EN DHCPto e EN DNS Server f E E 202 1 Settings Copyright 2003 PLANET WAF 1966 Configuration tility version 16 Apply Refresh Close DHCP DHCP is a protocol for dynamically assigning IP addresses to networked computers With DHCP a computer can automatically be given an exclusive IP address each time it logs on to a network making IP address management an easier job for network administrators When a computer connects to the network the DHCP server selects an IP address from a master list and assigns it to the system The device must set to Obtain the IP address automatically The Wireless Access Point s DHCP server is disabled by default If you would like to enable the DHCP server check the DHCP server option Fix IP Address You may give a fixed IP address to WAP 1966 manually by choosing this radio button IP Address Set an IP address for the AP Subnet mask Set the Subnet Mask for the AP Gateway The IP address of a gateway device necessary for communication with devices outside the subnet of the Access Point If your network is not divid
48. ooccccnccococcoconnocnnnncnnnannnnannnnnnnnnnnrnnnnrnan nn rnnnnrnannrnrnanarnannrnrnanarananaana 48 SD ACCESS POINTMODES a e ocaso 48 5 2 WIRELESS AP CLIENT MODE ccecececececececececececucucucucutecececececutuuenenecenececenenenenenenenenenenenes 48 5 WIRELESS DM RIDGE MOD E ceed a de dis due a o a die 49 5 A MULTIPLE BRIDGE MODE 0 nn ete nee ea eus aaa teens 49 CHAPTER 6 TROUBLESHOOTING Chapter 1 Introduction Thank you for purchasing WAP 1966 This device features the latest innovation wireless technology making the wireless networking world happened This manual guides you on how to install and properly use the WAP 1966 in order to take full advantage of its features 1 1 Package Contents Make sure that you have the following items One WAP 1966 e One AC Power Adapter One User s Manual and Utility CD O One Quick Installation Guide If any of the above items are missing contact your supplier as soon as possible 1 2 System Requirements Before installation please check the following requirements with your equipment Pentium Based And Above IBM Compatible PC System e CD ROM drive Windows 98 ME 2000 XP Operating System with TCP IP protocol 1 3 Features Wireless LAN IEEE802 11b compliant Up to 22Mbps wireless LAN 4X mode can raise wireless performance to 44Mbps equivalent 2 4GHz ISM band unlicensed operation Wireless connection without the hassles and cost of cabling Auto Scanning and Roaming
49. ounter inconsistent data flow only minor modifications are recommended Fragmentation Threshold This field is used to specify the fragmentation threshold Enter a value between 256 and 2346 If you experience a high packet error rate try to slightly increase your Fragmentation Threshold The value should remain at its default setting of 2 346 Setting the Fragmentation Threshold too low may result in poor performance DTIM Interval Specify the Beacon Rate Enter a value between 1 and 65535 that specifies the Delivery Traffic Indication Message DTIM A DTIM is a countdown informing clients of the next window for listening to broadcast and multicast messages When the AP has buffered broadcast or multicast messages for associated clients it sends the next DTIM with a DTIM Interval value AP Clients hear the beacons and awaken to receive the broadcast and multicast messages Antenna Selection These settings determine whether either or both antennas will be used to receive data The default setting is Diversity This setting is uses both antennae to help overcome multi path distortion There are two antennas on WAP 1966 One is visible from outside which is right antenna 4X mode Enable or disable 4X mode Enable 4X mode will raise the wireless performance to 44Mbps equivalent But please be noted both wireless AP and client must be using TI chipset and configured 4X mode enabled to make it effective wae Antenna Transmit power Used to c
50. refreshpolicy machine_policy Group policy propagation from the domain has been initiated for this computer t may take a few minutes for the propagation to complete and the new policy to t jake effect Please check Application Log for errors if any Lea Adding Internet Authentication Service 21 Go to Start gt Control Panel gt Add or Remove Programs 22 Select Add Remove Windows Components from the panel on the left 23 Select Internet Authentication Service and click OK to install 96 Networking Services _ XI To add or remove a component click the check bos A shaded box means hal orby part of the component will be iretaled To see whet s ncluded in a component click Detais Lubcomponents ot Hebwoking Services 0 COM Internet Services Proxy Mes Viens en ne EEE aM os O JM Ste Server ILS Services 1 5hMB Description Enables authentication authorization and accounting of dal up and PA users 145 supports the RADIUS protocol Total d k space required 0 4 ME Dates Space available on disk 0462 6 ME asis cant Setting Internet Authentication Service 24 Go to Start gt Program gt Administrative Tools gt Internet Authentication Service 25 Right click Client and select New Client 2 Internet Authentication Service _ oO x Protocol Friendly Name Export List Help 26 Enter the IP address of WAP 19
51. ry Be a Elf EL Public Key Policias i ER SS as da Atomatic Certificate Re est Setti q Aucomatic Certificate lequeast Ey Enterprise Trust A 3 IP Security Policies on Active Directory 1123 Administrative Templates Refresh 89 User Configuration Export Uist 4 2 Software Settings 7 4139 windows Settings Help 1 Adinik alive Templates 25 17 The Automatic Certificate Request Setup Wizard will guide you through the Automatic Certificate Request setup simply click Next through to the last step Automatic Certificate Request Setup Wizard Certificate Template The next hime a computer bgs on a certificate bated on the template pou select is provided A certiicale template is a set of predefined properbes for cerificates issued to computers Select template kom the following list Certificate templates Name intended Puposes Z o Z Client Sulhentication Server Qutherticatior Domain Controller Client 4ulhentication Server Suthentication Enrollnent Agent Computer Certificate Request Agent IPSEC 116155222 2j lt Back Next gt Cancel 18 Click Finish to complete the Automatic Certificate Request Setup 19 Go to Start gt Run and type command and click Enter to open Command Prompt 20 Type secedit refreshpolicy machine policy to refresh policy ES Command Prompt E L gt secedit
52. t Wireless A Tu Issuer Self Issued Time Validity Monday January 06 2003 through Thursday January 05 2005 Serial Number 13271301 4F4837B3 41 ED4CF7 249709F4 Thumbpring shel 294PCB3C 209F2F21 40C262F9 ZODSDERA B4900 10E Thumbprink fmd 1EB41EC0 20364070 66512146 413664470 0 9 Certificate is now installed Wireless Adapter Setup 1 Go to Start gt Control Panel double click on Network Connections 43 2 Right click on the Wireless Network Connection which using WL 3555 3 Click Properties to open up the Properties setting window Wireless Network Connection Status El E General Support Connection Status Lonnected Duratior 01 47 43 Speed 220 Mbps Signal Strength q alil Cent 4 Fecaved 70 335 0 Activity 4 Click on the Wireless Network tab Wireless Hetwork Connection Properties HE General f Wireless Net Authentication Advanced Connect using Eg 22M WLAN PCI Adepte Thiz connection uzes the following temz Cal Fie end Prier Sharing for M Microsoft Hetworks M JE oS Packet Scheduler 7 Internet Protocol T CPP Install Uninstall Properties Descnption Alows pour computer to access resources on a Microsoft network fe Show icanin notification area when conected Cancel 5 Click Properties of one available wireless network which you want to associate with 44 Wireless Network Connectio
53. t has Administrator authority 2 Go to Start gt Control Panel and double click Add or Remove Programs 3 Click on Add Remove Windows components 4 Check Certificate Services and click Next to continue Windows Components Wizard Windows Components You can add or remove components of Windows 2000 To add or remove a component click the checkbox 4 shaded box means that only part ofthe component will be installed To see what s included n a component click Details Components nn jA 4ccessones and Utilities 2 Certificate Services IM GEM ndesno Service 0 0 HE WF Internet Information Services 115 21 7 ME C dex Maneanementand Montana Tools EME Description netals a cerbfication authority CA to tue certificates for use with public key securky applications Total dsk space required 2 1 ME al Space available an disk 3524 4 MB LEPE Back Cancel 5 Select Enterprise root CA and click Next to continue 22 Windows Components Wizard CA Identifying Information Enter infomation to identity this LA CA name e Organization Po Oroanizationel unit See Citys eee State or province Country region fus E mail A CA description Po Valid for 2 veus Expres f 4720051215PM 6 Enter the information that you want for your Certificate Service and click Next to continue 7 Go to Start gt Program gt Administrat
54. to 13 for ETSI domain and 1 to 14 for Japan domain WEP Wired Equivalent Privacy WEP is an encryption scheme used to protect wireless data communication To enable the icon will prevent other stations without the same WEP key from linking with the AP 3 1 4 IP Settings You can set the IP Gateway DHCP and DNS to this Access Point on this field After configuration please click Apply to save your settings iret Rage last Page Previous Page Next Page Clear Log Refresh Message AP mode start Channel 6 SSID abcdef System started Wireless PC connected 00 30 4F 22 90 21 Wireless PC connected 00 30 4F 27 0E 13 Wireless PC connected 00 30 4F 27 0E 13 Wireless PC connected 00 30 4F 27 0E 13 IP Setting Advanced Setting Security 802 1x Tools WEP Key Disable 64bits 128bits 256bits C 4 Apply Cancel Help 22 Mbps wizard Status Basic Setting Advanced Setting Security 802 1x Tools LAN IP Obtain IP Automatically Fixed IP Address 192s fies Po Of Subnet Mask 255 pss ss Gateway b fo pP pP DHCP Server On off IP Range From p2 AZ p to 192 1168 fi foi DNS Server fo Po _ b Cancel Help IP address This address is a unique numbers that identifies a computer or device on the WAN or LAN These numbers are usually shown in groups separated by periods for example 123 123 23 2 Subnet Mask Subnets allow networ
55. twork card to communicate with access point more reliably Verify that you have selected the appropriate preamble type and click the Apply button to set it Note High network traffic areas should use the short preamble type Basic Rate The basic transfer rates should be set depending on the speed of your wireless network Slower wireless networks should be set at 1 2 or 1 2 5 5 11 Mbps while a faster wireless network should be set at 1 2 5 11 22 Mbps Supported Rate Select one of the wireless communications transfer rates based upon the speed of wireless adapters in WLAN Antenna Selection These settings determine whether either or both antennas will be used to receive data The default setting is Diversity This setting is uses both antennae to help overcome multi path distortion There are two antennas on WAP 1966 One is visible from outside which is right antenna SSID Broadcast Enable or disable a Service Set Identifier broadcast When enabled the SSID of the WAP 1966 is sent to wireless enabled devices on the area Set the WAP 1966 s SSID in the Basic Setting screen Enabling this function may cause unauthorized user to connect your wireless networks Antenna Transmit power Used to control the transmit power of the WAP 1966 Four options are available 100 50 25 and 12 5 4X mode Enable or disable 4X mode Enable 4X mode will raise the wireless performance to 44Mbps equivalent But please be noted both wireless AP and
56. utton to save the settings and restart WAP 1966 In the following web page please click Close to close the Setup Wizard window 3 1 2 Status You can check your WAP 1966 settings and status in this screen wizard Basic Setting IP Setting Advanced Setting Security 802 1x Tools Firmware Version 4 0 0f LAN MAC 00 03 2F 16 20 E2 IP Address 203 70 249 173 Subnet Mask 255 255 255 0 Gateway 0 0 0 0 Send 636 Receive 1256 Wireless MAC 00 03 2F 16 1C B4 SSID AP1620E2 Encryption Function Disable Channel 6 You can click the View Log button and then the screen below will appear You can view the logged message here You can also clear or refresh the log record Time Apri08 2003 18 24 33 Apr 08 2003 18 24 33 Apr 09 2003 10 04 31 Apr 09 2003 10 07 49 Apr 09 2003 10 07 49 Apr 09 2003 10 07 49 3 1 3 Basic Settings You can set the AP Name ESSID Channel and WEP function to this Access Point After configuration please click Apply to save your settings f 2 Mbps wizard Status AP Name AP24A0C2 SSID abcdef Channel Domain ETSI Mode HEX AP Name The host name of the WAP 1966 This can be any name for you to easily identify this access point SSID The SSID is the name shared among all points in the wireless network system must be identical for all points Channel The value of channel can be selected from channel 1 to 11 for FCC domain channels 1
57. ve Directory Users and Computers 45 Go to Users Right click on the user that you are granting access and select Properties Active Directory Users and Computers Console Window Help actin w le gt En FEO AA GE Tree Users 21 objects Ei aive Directory Users and Computers Zal FAE LOCAL G administrator User Bulk n account For admin J Buitin See Cert Publishers Security Group Enterprise certficabion sn 1 Computers a Admins Security Group Members who have admini a Coman controllers CE GHCP Users Security Group Members who have vieu 3 89 ForeigrsecurityPrncpal go Copy DAS Administrators Group 43 Users Dre Add members to group HS cliente who are permi CE Dor Disable Account ER Dor Reset Password hesignated administrators Al workstations and serve EE Dor Moya Al domain controllers in th ee Open home page Al domain quests Dor Send mall Al domain users Cent besignated administrators All Tasks k en go embers in this group can UE Delets ALIA account For QUES DIE Genre Buik im account For anar fi Iw Refresh AUIK n account For Intern y Distribution Center Se S us rvers in this group can E He Pesionaced administrators bese User fi TsInternetUser User This user account amp used 46 Go to Account tab and enable Store password using reversible encryption 47 Click Apply t
58. y Users and Compubers lea Cros Window Help aso view e Alm cP fel Ee B Bin Se FABLLOCAL S objects 25 Active rectory Users Name Type Description FA a LE Di ilkin kino ain En pres Control onkainer Defauk container for upar ag Find rgenizational Defauk container for nev a dg Sunmectio Bee onksiner Defauk container for secu 4 Connect to Doman Controler onksiner Defauk contsiner for upor 4 2 Operations Masters Pen k All Tasks p Whe F Hew window From Here Refresh Export List A p Properties pens pro Heb 13 Select Group Policy tab and click Properties to continue D4 FAE LOCAL Properties F mapa General Managed By a Current Group Policy Object Links for FAE Group Policy Ubec Links No Override Disabled Detauk Domain Policy Group Policy Objects higher in the list have the highest priority This list obtained kom fae FSE LOCAL Up A New Add Options Properties M Block Policy inheritance 14 Go to Computer Configuration gt Security Settings gt Public Key Policies 15 Right click Automatic Certificate Request Setting and select New 16 Click Automatic Certificate Request BATES l es 00 118 Aboma Certificate uest Computer Cor quration 4 29 Software Settings ed System Services 8 Regist
Download Pdf Manuals
Related Search