Netgear WAG302v2 Reference Manual
Contents
1. Management and Information v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Viewing the Activity Log To access the Activity Log connect to the WAG302v 2 and click Activity Log under the Information heading Activity Log Available Activity Lo Statistics y GF Activity Log Window Rogue AF ai Mar 23 08 19 24password auth succeeded for admil Mar 23 08 19 21bad password attempt for admin Mar 23 08 19 17Child connection from 10 254 24 3 Dec 31 16 00 36r00t login on ttysoO Dec 31 16 00 32map config c 144 map reload_dhep Al g gt Enable SysLog Syslog Server IP address 192 168 1123 123 Port 514 Figure 3 6 The Activity Log Window displays the Access Point system activity You can click Refresh to update the display To save the log contents into a file on your PC click Save As and save the file to a disk drive You can use a SysLog server to view the Activity Log If you have a SysLog server on your LAN then enable SysLog If enabled you must enter the IP address of your SysLog server and the port number that your SysLog server uses e SysLog Server IP Address The access point sends all the SysLog messages to the specified IP address if SysLog option is enabled Default 0 0 0 0 e Port The port number configured in the SysLog server on your LAN The default is 514 Management and Informa2. Netmask 255 255 255 0 Lease 86400 Seconds 1 Day Wireless LAN Parameters Super A G Mode Disabled RTS Threshold 2 346 Fragmentation Length 2 346 Beacon Interval 100 DTIM Interval 1 WMM Support Disabled SpectraLink Support Disabled Other Settings MAC Access Control Disabled Rogue AP Detection Disabled Activity Log Disabled HTTP Redirect Disabled Wireless Bridging and Repeating Disabled Maximum Wireless signal rate derived from IEEE Standard 802 11 specifications Actual throughput will vary Network conditions and environmental factors including volume of network traffic building materials and construction and network overhead lower actual data throughput rate Specifications v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Specifications for the WAG302v2 The following table describes the WAG302v2 technical specifications Table B 2 WAG302v2 Technical Specifications Parameter Network Management ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 Web based configuration and status monitoring Maximum Clients Limited by the amount of wireless network traffic generated by each node typically 30 to 70 nodes Status LEDs Power Ethernet LAN Wireless LAN Test Power Adapter 12V DC 1 2 A Electromagnetic Compliance Environmental Specifications FCC Part 15 Cl
3. Note The user must use the configuration utility provided with this product to ensure the channels of operation are in conformance with the spectrum usage rules for European Community countries as described below This device requires that the user or installer properly enter the current country of operation in the 5GHz Radio Configuration Window as described in the user guide before operating this device This device will automatically limit the allowable channels determined by the current country of operation Incorrectly entering the country of operation may result in illegal operation and may cause harmful interference to other system The user is obligated to ensure the device is operating according to the channel limitations indoor outdoor restrictions and license requirements for each European Community country as described in this document This device employs a radar detection feature required for European Community operation in the 5GHz band This feature is automatically enabled when the country of operation is correctly configured for any European Community country The presence of nearby radar operation may result in temporary interruption of operation of this device The radar detection feature will automatically restart operation on a channel free of radar The 5GHz Turbo Mode feature is not allowed for operation in any European Community country The current setting for this feature is found in the 5GHz Radio Configuration Window
4. Viewing Statistics The Statistics screen provides LAN and WLAN statistics From the WAG302v2 main menu click Statistics under the Information heading to view the screen shown in Figure 3 8 Activity Log Available Wireless Station List Statistics etal Statistics Wired Ethernet Received Transmitted Packets 1223052 25098 Bytes 83265177 4113240 Wireless 11a Received Transmitted Unicast Packets Broadcast Packets Multicast Packets Total Packets 7111 43450 Total Bytes 1343504 8157522 Wireless 11b g Received Transmitted Unicast Packets Broadcast Packets Multicast Packets Total Packets 11777 587736 Total Bytes 1624256 50362973 Figure 3 8 Management and Information 3 11 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table 3 2 explains the fields on the Statistics page Table 3 2 Access Point Statistics Field Description Wired Ethernet Received Transmitted Packets The number of packets sent since the WAG302v2 was restarted Bytes The number of bytes sent since the WAG302v2 was restarted Wireless Interface Received Transmitted Unicast Packets The Unicast packets sent since the WAG302v2 was restarted Broadcast Packets The Broadcast packets sent since the WAG302v2 was restarted Multicast Packets The Multicast packets sent since the WAG302v2 was restarted Tot
5. Indoors computers can connect over 802 11 wireless networks at a maximum range of several hundred feet for 802 11b g devices However the operating distance or range of your wireless connection can vary significantly based on the physical placement of the wireless access point For best results identify a location for your wireless access point according to these guidelines Away from potential sources of interference such as PCs large metal surfaces microwaves and 2 4 GHz cordless phones Inanelevated location such as a high shelf that is near the center of the wireless coverage area for all mobile devices jii v1 0 May 2006 Failure to follow these guidelines can result in significant performance degradation or inability to wirelessly connect to the wireless access point RF Exposure Warning for North America and Australia WARNING To meet FCC and other national safety guidelines for RF exposure the antennas for this device see below must be installed to ensure a minimum separation distance of 20cm 7 9 in from persons Further the antennas shall not be colocated with other antenna or radio transmitter Antenna Statement for North America and Australia In addition to its own antenna the WAG302v2 device has been approved for use with the following detachable antennas and antenna cables Approved Antenna Gain and Approved Antenna Antenna Cable Maximum Transmitted Antennas type Cable Length Power N
6. NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual NETGEAR NETGEAR Inc 4500 Great America Parkway Santa Clara CA 95054 USA 202 10182 01 May 2006 Technical Support Please register to obtain technical support Please retain your proof of purchase and warranty information To register your product get product support or obtain product information and product documentation go to http vww NETGEAR com If you do not have access to the World Wide Web you may register your product by filling out the registration card and mailing it to NETGEAR customer service You will find technical support information at http Avww NETGEAR com through the customer service area If you want to contact technical support by telephone see the support information card for the correct telephone number for your country 2006 by NETGEAR Inc All rights reserved Trademarks NETGEAR and the NETGEAR logo are registered trademarks and ProSafe is a trademark of NETGEAR INC Windows is a registered trademark of Microsoft Corporation Other brand and product names are trademarks or registered trademarks of their respective holders Information is subject to change without notice All rights reserved Statement of Conditions NOTE In the interest of improving internal design operational function and or reliability NETGEAR reserves the right to make changes to the products described in this document without noti
7. Open System Disabled Open System Disabled NETGEAR 4 NETGEAR 4_11a NETGEAR 5 NETGEAR 5_11a Open System Disabled NETGEAR 6 NETGEAR 6_11a Open System Disabled NETGEAR 7 NETGEAR 7_11a OpenSystem 1 Disabled Refresh Current Wireless Settings 11big Operating Mode IEEE 802 119 Channel Frequency 11 2462 MHz Rogue AP Detection Enabled Security Profiles No ProfileName SSID Security VLAN Status 1 NETGEAR NETGEAR_11g OpenSystem 1 Enabled 2 NETGEAR 1 NETGEAR 1_11g Open System Disabled 1 1 3 NETGEAR 2 NETGEAR 2_11g Open System Disabled 4 NETGEAR 3 NETGEAR 3_11g9 Open System 1 Disabled 5 NETGEAR 4 NETGEAR 4 11g OpenSystem 1 Disabled 6 NETGEAR S NETGEAR 5_11g OpenSystem 1 Disabled 7 NETGEAR 6 NETGEAR 6_11g OpenSystem 1 Disabled 8 NETGEAR 7 NETGEAR 7_11g OpenSystem 1 Disabled 2 4 Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual For more information about the fields on the General page see Viewing General Information on page 3 7 b Click the Basic Settings link in the Setup section of the main menu to view the Basic Settings menu Basic Settings Wireless Settings 11a Wireless Settings 11b g Figure 2 2 c Configure the settings for your network and cli
8. Profile Definition The following settings are in the Profile Definition section on the Security Profile Configuration screen e Security Profile Name Use a name that makes it easy to recognize the profile and to tell profiles apart e Wireless Network Name SSID The SSID is also known as the wireless network name The SSID separates network traffic from different wireless networks For more information about the SSID see Wireless Network Name SSID on pagepage 2 11 e Broadcast Wireless Network Name SSID This field lets you turn off the SSID broadcast If you do so then only stations that know the SSID can connect Disabling the SSID broadcast might interfere with the wireless network discovery feature of some products The default is to enable SSID broadcast Network Authentication The WAG302v2 Wireless Access Point is set by default as an open system with no authentication When setting up Network Authentication note the following information e Ifyou are using Access Point mode then all options are available In other modes such as Repeater or Bridge some options might be unavailable e Not all wireless adapters support WPA or WPA2 Windows XP and Windows 2000 with Service Pack 3 do include the client software that supports WPA However client software is required on the client Consult the product documentation for your wireless adapter and WPA or WPA2 client software for instructions about configuring WPA2 settin
9. Task Command Set the Port Number of the Pri set radius client primary accounting mary Accounting Server port lt port_number gt Set the Shared Secret for the set radius client primary accounting Primary Accounting Server key lt value gt Set the IP Address of the Sec set radius client secondary accounting ondary Accounting Server server lt ip_address gt Set the Port Number of the Sec set radius client secondary accounting ondary Accounting Server port lt port_number gt Set the Shared Secret for the set radius client secondary accounting Access Control The commands in Table C 11 correspond to the Access Control page on the Web UI Table C 11 Access Control Settings Task Command View a list of wireless clients by MAC address get association station Create a list of clients to permit access to the AP set bss wlanObssvap0 mac acl mod accept list Add a client to the Trusted Wireless Stations list add mac acl wlanObssvapO mac lt mac_address gt Example add mac acl wlanObssvap0 mac 00 01 02 03 04 05 add mac acl wlanObssvap0 mac 00 01 02 03 04 06 Remove a client from the Trusted Wireless Stations list remove mac acl wlanObssvap0O mac lt mac_address gt Disable MAC Access Control remove all clients from the list remove mac acl all Command Line Reference v1 0 May 2006 C 13 NETGEAR ProSafe Dual Band Wireless
10. 2 4 6 10 10 hu Apr 13 16 06 49 2006 Grant _ 00 02 bc 00 14 8a HSHI VAP3 on 24 6 hu Apr 13 16 06 49 2008 Grant_ 00 02 be 00 14 89 HSHI VAP1 or 24 6 a of 24 11 Grant 00 00 84 20 50 06 NETGEAR 10 100 8531 hu Apr 13 16 14 18 2006 Grant 00 05 7 84 00 a0 NETGEAR_119 Off 24 11 10 100 4423 Thu Apr 13 16 14 05 2006 i Grant 00 12 17 70 85 3d Iwi7ne secap02 On 24 11 10 100 10627 Thu Apr 13 16 14 18 2006 a Known AP List MAC Address 00 0FbS 11 34 00 PM_NG g DO DFbS 92 c0 49 Netgear v1_g 00 0f b5 11 1c 00 NETGEAR Save AP List to a file Channel Import AP List from a file O Replace O Merge Browse Import Figure 3 9 To import a list of known APs 1 Create a text file that contains the MAC address of each known AP separated by a space The following example shows a list of six known APs that an administrator might upload to the AP QOS0Gf41sdyseekad 000E H5192 rcd49 00712117370785 73a 00 14 bf ae bl e4 00 40 4 8 47 03 00 0c 41 d7 ee b4 Management and Information 3 13 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Check the Replace radio button to replace the existing list of known APs or check Merge to add the new MAC addresses to the existing list Click Browse and navigate to the location where you saved the text file Select the file and click Open Click Import to uplo
11. MAC address of the wireless access point s Ethernet port Country Region The domain or region for which the wireless access point is licensed for use It may not be legal to operate this wireless access point in a region other than one of those identified in this field Firmware Version The version of the firmware currently installed Access Point Mode The operating mode of the WAG302v2 Access Point Bridge or Repeater VLAN 802 1Q Indicates if VLAN support is enabled The default is enabled Current IP Settings IP Address The IP address of the wireless access point Subnet Mask The subnet mask for the wireless access point Default Gateway DHCP Client The default gateway for the wireless access point communication If the DHCP Client is enabled the current IP address was obtained from a DHCP server on your network Disabled indicates a static IP configuration Current Wireless Settings Operating Mode Shows the IEEE 802 11 wireless operating mode Channel Frequency The channel the wireless port uses The default channel setting is 11 For the frequencies used on each channel see the resources listed in Appendix A Related Documents Rogue AP Detection Shows whether Rogue AP Detection is enabled Security Profiles For each Security Profile the following information is displayed Profile Number Profile Name SSID Security VLAN and Status
12. Table C 12 AP Management Task Command Revert to factory default factory reset settings Reboot the system reboot Viewing and Configuring System Information The commands in Table C 12 correspond to the pages on the Web UI under the Information heading This section includes commands for the following features e Activity Log e Available Wireless Station List e Statistics e Rogue AP Detection Table C 13 AP Information Task Command View the SysLog activity log get log entry View all SysLog server information get log detail Enable SysLog set log relay enabled 1 Disable SysLog set log relay enabled 0 Set the IP address of the SysLog server set log relay host lt ip_address gt Set the port number configured in the SysLog server set log relay port lt port_number gt View a list of wireless stations get association detail View interface statistics get interface all ip mac ssid tx packets tx bytes tx errors rx packets rx bytes rx errors Turn Rogue AP Detection On set radio wlan0O ap detection on Turn Rogue AP Detection Off set radio wlan0 ap detection off View a list of unknown APs get unknown ap View a list of known APs get known ap config Command Line Reference v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Tabl
13. 0 O 0 0 0 00 0 2 NETGEAR 7 NETGEAR 7_11a Open System 1 0 0 0 0 0 0 0 O Security Profile 2 Configuration Security Profile 2 Configuration The setup has been applied he setup has been applied Profile Definition Security Profile Name NETGEAR 1 Wireless Network Name SSID NETGEAR 1_11a Broadcast Wireless Network Name SSID Yes O No Profile Definition Security Profile Name NETGEAR 1 Wireless Network Name SSID NETGEAR 1_11g Broadcast Wireless Network Name SSID Yes O No Network Authentication Open System vi Open em Shared Key Legacy 802 1X letwork Authentication Data Encryption Data Encryption i reom WPAwithRadius Ff o ane eo WPA2 with Radius Fasgphrasei Keyt Fr oe with Radius Keyi Fern WPA amp WPAZ with Radius ETE WPA PSK Key 2 oaa WPA2 PSK KLO irene WPA2 PSK WPA PSK amp WPA2 PSK WPA PSK amp WPA2 PSK Key 3 KERERRERRS Key 3 paRaRRR ERS Kaya C 9 eSeeoarErs LO eaeereaeee Wireless Client Security Separation Oves No Wireless Client Security Separation Oves No Figure 2 7 Basic Installation and Configuration 2 15 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual
14. 2 are as follows Enable Wi Fi Multimedia WMM Select Yes or No as required on the Advanced Wireless Settings menu The default is No WMM is a subset of the 802 1 1e standard WMM allows wireless traffic to have a range of priorities depending on the kind of data Time dependent information such as video or audio has a higher priority than normal traffic For WMM to function correctly wireless clients must also support WMM e SpectraLink Enabled When SpectraLink support is enabled SVP traffic takes priority over all other traffic The default is Enabled Advanced Configuration 4 5 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual SpectraLink Voice Priority SVP is a QoS approach for Wi Fi deployments SVP is an open specification that is compliant with the IEEE 802 11b standard SVP minimizes delay and prioritizes voice packets over data packets on the Wireless LAN thus increasing the probability of better network performance e Modify AP EDCA Parameters Specify the AP EDCA parameters for different types of data transmitted from the WAG302v 2 to the wireless client e Modify Station EDCA Parameters Specify the Station EDCA parameters for different types of data transmitted from the wireless client to the WAG302v2 If WMM is disabled you cannot configure Station EDCA parameters Table 4 2 describes the settings for QoS Queues Table 4 2 QoS Queues and Parameters QoS Q
15. Antenna Gain and Approved Antenna Antenna X Transmitted Antennas type Antenna Cable Cable Cable P ower Length Attenuation NETGEAR 14 5 dBi directional NETGEAR 30 m 18 dB 3 dBm 14 5 dBi ANT24D18v2 outdoor indoor ACC 10314 05 15 dBm EIRP vii v1 0 May 2006 NETGEAR 9 dBi NETGEAR 10m 6 1 dB 8 9 dBm 9 dBi ANT2409 omnidirectional ACC 10314 04 or 17 9 dBm EIRP outdoor indoor ACC 10314 05 NETGEAR 5 dBi ceiling wall NETGEAR 1 5m 1 1dB 14 dBm 5 dBi ANT2405 indoor ACC 10314 01 19 dBm EIRP thru 05 a WAG302v2 maximum radiated power in the European Community 15 dBm cable loss antenna gain Please go to http www NETGEAR com and use the search feature to find an updated list of wireless accessories approved to be used with the WAG302v2 in the European Community Bestatigung des Herstellers Importeurs Es wird hiermit best tigt da das ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 gem der im BMPT AmtsblVfg 243 1991 und Vfg 46 1992 aufgef hrten Bestimmungen entstort ist Das vorschriftsmafige Betreiben einiger Ger te z B Testsender kann jedoch gewissen Beschr nkungen unterliegen Lesen Sie dazu bitte die Anmerkungen in der Betriebsanleitung Das Bundesamt fiir Zulassungen in der Telekommunikation wurde davon unterrichtet da dieses Ger t auf den Markt gebracht wurde und es ist berechtigt die Serie auf die Erf llung der Vorschriften hin zu b
16. Associated with AP 1 Parent AP in Repeater Mode Wireless PC Associated with AP 2 AP 2 AP in Repeater Mode Router Internet 192 168 0 Wireless PC Associated with AP 2 Figure 4 7 To set up a repeater with wireless client association follow the steps below 1 Configure the Operating Mode of the WAG302v2 Wireless Access Points e Configure AP 1 on LAN Segment 1 with the MAC address of AP 2 in the Remote MAC Address field e Configure AP 2 with the MAC address of AP 1 in the Remote MAC Address field 2 Verify the following for all access points e The LAN network configuration of the WAG302v2 Wireless Access Points are configured to operate in the same LAN network address range as the LAN devices e All APs must be on the same LAN That is all the APs LAN IP address must be in the same network 4 12 Advanced Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual e Ifusing DHCP all WAG302v2 Wireless Access Points should be set to Obtain an IP address automatically DHCP Client in the IP Address Source portion of the Basic IP Settings menu e All WAG302v2 Wireless Access Points use the same SSID Channel authentication mode if any and encryption in use 3 Verify connectivity across the LANs A computer on any LAN segment should be able to connect to the Internet or share files and printers with any other PCs or servers c
17. For enhanced security you can scan the wireless network to detect rogue access points Hotspot Settings You can allow all HTTP TCP port 80 requests to be captured and re directed to the URL you specify Upgradeable Firmware Firmware is stored in a flash memory and can be upgraded easily using only your Web browser and can be upgraded remotely You can also upgrade firmware from the command line interface CLD by using TFTP Access Control The Access Control MAC address filtering feature can ensure that only trusted wireless stations can use the WAG302v2 to gain access to your LAN 1 2 Introduction v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Security Profiles When using multiple BSSIDs you can configure unique security settings encryption SSID etc for each BSSID Simple Configuration If the default settings are unsuitable they are easy to change Hidden Mode The SSID is not broadcast assuring only clients configured with the correct SSID can connect Configuration Backup Configuration settings can be backed up to a file and restored Secure and Economical Operation Adjustable power output allows more secure or economical operation Power over Ethernet Power can be supplied to the WAG302v2 over the Ethernet port from any 802 3af compliant mid span or end span source such as the NETGEAR FSM7326P Managed Power over Ethernet Layer 3 managed switch Autose
18. May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual c Connect an Ethernet cable from your WAG302v2 Wireless Access Point to a LAN port on your router switch or hub ____ Note By default the DHCP client on the WAG302v2 is disabled If your network uses dynamic IP addresses you must change this setting To connect to the WAG302v2 after the DHCP server on your network assigns it a new IP address enter the access point name into your Web browser The default access point name is netgearxxxxxx where xxxxxx represents the last 6 bytes of the MAC address The default name is printed on the bottom label of the WAG302v2 d Connect the power adapter to the wireless access point and plug the power adapter in to a power outlet The PWR LAN and WLAN lights should light up 4 Verify wireless connectivity Using a computer with an 802 11a or 802 11b g wireless adapter with the correct wireless settings needed to connect to the WAG302v2 SSID WEP WPA MAC ACL etc verify connectivity by using a browser such as Mozilla Firefox Netscape or Internet Explorer to browse the Internet or check for file and printer access on your network ____ Note The default SSID is NETGEAR_11g for the 802 11b g radio and NETGEAR_11a for the 802 11a radio The SSID of any wireless access adapters must match the SSID you configure in the ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 If they do
19. Network Authentication to set interface wlan0 security wpa personal WPA2 set bss wlanObssvap0 wpa allowed off set bss wlanObssvap0O wpa2 allowed on Set Network Authentication to set interface wlan0 security wpa personal WPA and WPA2 set bss wlanObssvap0 wpa allowed on set bss wlanObssvap0O wpa2 allowed on Set the WPA Passphrase set interface wlan0 wpa personal key lt key gt Example set interface wlan0 wpa personal key Key or set interface wlan0O wpa personal key My KeyY Set Network Authentication to set interface wlan0 security wpa enterprise WPA with RADIUS set bss wlan0bssvap0 wpa allowed on set bss wlanObssvap0O wpa2 allowed off Set Network Authentication to set interface wlan0O security wpa enterprise WPA2 with RADIUS set bss wlanObssvap0O wpa allowed off set bss wlanObssvap0 wpa2 allowed on Command Line Reference C 11 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table C 9 Security Profile Settings continued Profile Task Command Set Network Authentication to set interface wlanO security wpa enterprise WPA and WPA2 with RADIUS set bss wlanObssvap0 wpa allowed on set bss wlanObssvap0 wpa2 allowed on Enable Wireless Client Security set radio wlan0O station isolation on Separation Disable Wireless Client Security set radio wlan0 station isolation off Separation Set the VLAN ID for the Security set vap vap0 with radio wlan0 vlan
20. Profile 7 NETGEAR 6 vap6 Profile 8 NETGEAR 7 vap7 Command Line Reference v1 0 May 2006 C 9 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual The commands in Table C 9 correspond to the Security Profile Settings page on the Web UI The commands in this table show how to configure Security Profile 1 which is the default profile and has a default profile name of NETGEAR Note The commands in Table C 9 configure the default security profile which is vapO on radio wlan0 To configure other security profiles use vapx where x is the VAP ID associated with the security profile To configure security profiles on the second radio use wlan1 Table C 9 Security Profile Settings Task Command Enable a security profile se vap vapO with radio wlanO sta tus up Disable a security profile set vap vap0 with radio wlan0 status down Set the security profile name set vap vap0 with radio wlan0 profile lt name gt Set the SSID of the security set interface wlan0vap0 ssid lt ssid_name gt profile Broadcast wireless network set bss wlan0bssvap0 ignore broadcast ssid off name Do not broadcast wireless set bss wlan0bssvap0 ignore broadcast ssid on network name Set Network Authentication to set interface wlan0 security plain text Open System Set Network A
21. Wireless Access Point ecese C 5 viowmng General Mormaii cise saeco eace totes copasacrcuncrasntiadaniiooniae sacri Mamaorniieetaaeneiemas C 6 CGONTQUNNG Basie SGUINGS scsiseretcsericccsasecrtcsrsneiececctaemetsert E C 7 Configuring Wireless Settings asa ce cad cad ccs ctcesnn cad eae eas sda ind ec oneadvundiamnaaiald rnad iaa C 8 Configuring Security Profile Settings c icectsccsnasiecieimineseiareisieelawiaieie C 9 RADIUS ae aE Sa BAINES isc eoess casntues sataeinnndadauendprsiatanlvaees aennipi ey eens puneeameneeeets C 12 Pe NATION S E vance aah iat Uneaten tate chia Demin E cena dooce C 13 Viewing and Configuring Management Settings 20 0 0 eee eeeeeeeeeeeeeeeentteeeeeeeneaees C 14 Viewing and Configuring System Information 2 0 0 eeeeeeeeeeeteeeeeeeeeteeeeeeeaees C 15 Configuring Advanced IP SatlingS ccucicisnccnadastaiindsitnadaeieutennmeliae C 16 Hotspot SOUINOS sncccsscnesteetvineniets crates tertstsentinincttnreeti arise init neennade C 17 Advanced Wireless Settings c ccccteswaretccsnnecseedinanseseeasssnneesedtneneedoneetnnnesbedbnneaadens C 17 Advanced Access Point SSUINGS sc nsaiiesdastianianiieaeninnsaioieiaieunie C 19 v1 0 May 2006 xi NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual xii v1 0 May 2006 About This Manual The NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual describes how to install configure and troubleshoot the ProSafe 802 11a g Dual B
22. administering the access point The CLI lets you view and modify status and configuration information The CLI is particularly useful if the network connection is not functioning because you can access the CLI through a serial port To connect to the WAG302v 2 by using the CLI see Using the Secure Telnet Interface on page 3 3 and Accessing the CLI by Using the Console Port on page 3 3 The following topics provide an introduction to the class structure upon which the CLI is based CLI commands and examples of using the CLI to get or set configuration information on an access point e Accessing CLI TAB Completion Help e Keyboard Shortcuts e Interface Naming Conventions e Entering CLI Commands e Using the CLI to Configure the WAG302v2 Wireless Access Point Accessing CLI TAB Completion Help Press the TAB key twice to show a list of available commands or keywords You can also use TAB to complete a command after you enter enough characters to uniquely identify a command If multiple completions exist the system beeps Type TAB again and the CLI displays all keywords that match the characters you entered Example 1 At a blank command line type TAB TAB press the TAB key twice to get a list of all commands netgearl15C00 add Add an instance to the running configuration config Upload Download the running configuration factory resetReset the system to factory defaults firmware upgrade Upgra
23. id lt 1 4096 gt RADIUS Server Settings The commands in Table C 10 correspond to the RADIUS Server Settings page on the Web UI Table C 10 RADIUS Server Settings Task Command Set the IP Address of the Primary Authentication Server set radi us cl server lt ip_addres ient primary authentication s gt Set the Port Number of the Primary Authentication Server set radi us cl port lt port_number gt ient primary authentication mary Accounting Server server lt ip_address gt Set the Shared Secret for the set radius client primary authentication Primary Authentication Server key lt value gt Set the IP Address of the set radius client secondary authentication Secondary Authentication server lt ip_address gt Server E Set the Port Number of the set radius client secondary authentication Secondary Authentication port lt port_number gt Server Set the Shared Secret for the set radius client secondary authentication Secondary Authentication key lt value gt Server Set the IP Address of the Pri set radius client primary accounting v1 0 May 2006 Command Line Reference NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table C 10 RADIUS Server Settings continued Secondary Accounting Server key lt value gt
24. must renew the IP address when the lease expires The default lease time is one day Configuring Hotspot Settings If you want the wireless access point to capture and redirect all HTTP TCP port 80 requests use this feature For example a hotel might want all wireless connections to go to its server to show a branded splash screen IP Settings Hotspot Settings Hotspot Settings HTTP Redirect Enable Disable URL http redirect com welcome Figure 4 2 Enter the URL of the Web server where you want to redirect HTTP requests Configuring Advanced Wireless Settings The WAG302v2 provides a bridge between Ethernet wired LANs and 802 11a b g compatible wireless LAN networks It provides connectivity between Ethernet wired networks and radio equipped wireless notebook systems desktop systems print servers and other devices The WAG302v2 also supports the following wireless features e Distributed coordinated function CSMA CA Back off procedure ACK procedure retransmission of unacknowledged frames e RTS CTS handshake e Beacon generation e Packet fragmentation and reassembly Advanced Configuration 4 3 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual e Roaming among access points on the same subnet From the Advanced Wireless Settings menu you can configure wireless LAN parameters and modify QoS queue settings including Wi Fi Multimedia WMM C
25. not match you will not get a wireless connection to the WAG302v 2 Note If you are unable to connect to the WAG302v2 with a wireless client see Chapter 5 Troubleshooting 2 6 Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Logging in to the WAG302v2 Using Its Default IP Address After you install the WAG302v2 log in to it to configure the basic settings and the wireless settings The WAG302Vv2 is set by default with the IP address of 192 168 0 230 with DHCP disabled You can log in to the WAG302v 2 by using the HTTP or HTTPS protocol Note Unless you change the IP address or enable the DHCP client on the WAG302v2 the computer that you use to connect to the WAG302v2 should be configured with an IP address that starts with 192 168 0 x and a Subnet Mask of 255 255 255 0 Open a Web browser such as Internet Explorer Netscape Navigator or Mozilla Firefox Connect to the WAG302v2 by entering its default address of http 192 168 0 230 into your browser http 192 168 0 230 4 Figure 2 3 Note To use the HTTPS protocol enter https 192 168 0 230 into your browser and accept the certificate A login window like the one shown below opens Connect to 192 168 0 230 A User name admin Password eoccccce C Remember my password Figure 2 4 Basic Installation and Confi
26. server cp server cp server status up status down ipstart lt ip_address gt ipend lt ip_address gt netmask lt subnet_mask gt gateway lt ip_address gt C 16 v1 0 May 2006 Command Line Reference NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table C 14 Advanced IP Settings continued Task Command Set the Primary DNS Server set dhcp server dnsl lt ip_address gt Set the Secondary DNS Server set dhcp server dns2 lt ip_address gt Set the Primary WINS Server set dhcp server winsl lt ip_address gt Set the Secondary WINS Server set dhcp server winsl lt ip_address gt Set the Lease set dhcp server lease lt seconds gt Hotspot Settings The commands in Table C 15 correspond to the Hotspot Settings page on the Web UI under the Advanced heading Table C 15 Hotspot Settings Task Command View all HTTP redirect information get http redirect detail Enable HTTP Redirect set http redirect status up Disable HTTP Redirect set http redirect status down Set the URL for the redirect set http redirect url lt url gt Advanced Wireless Settings The commands in Table C 16 correspond to the Wireless Settings page on the Web UI under the Advanced heading For information about the configuration options in this section see Configuring Advanced Wireless Settings on pa
27. to the WAG302v2 after the DHCP server on your network assigns it a new IP address enter the access point name into the address field of your Web browser The default access point name is netgearxxxxxx where xxxxxx represents the last 6 bytes of the MAC address The default name is printed on the bottom label of the WAG302v2 e IP Address The default IP address is 192 168 0 230 To change it enter an unused IP address from the address range used on your LAN factory default 192 168 0 230 or enable DHCP e IP Subnet Mask Enter the subnet mask value used on your LAN factory default 255 255 255 0 e Default Gateway Enter the IP address of the gateway for your LAN For more complex networks enter the address of the router for the network segment to which the wireless access point is connected factory default 0 0 0 0 e DNS Server Enter the IP address of the Domain Name Server DNS you want to use factory default 0 0 0 0 e Spanning Tree Protocol Enable or disable spanning tree protocol factory default enabled Spanning tree protocol provides network traffic optimization in settings with multiple WAG302v2 Wireless Access Points Basic Installation and Configuration 2 9 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Untagged VLAN You can use VLANS on the WAG302v2 to logically separate traffic that is on the same physical network VLAN tagging is always enable
28. which is the default untagged VLAN Therefore all traffic is untagged until you change the untagged traffic VLAN ID on the Basic Settings page or assign a different VLAN ID to the Security Profile 2 18 Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual SSID and Wireless Security Settings Form For a new wireless network print or copy this form and fill in the settings For an existing wireless network the person who set up or is responsible for the network can provide this information Be sure to set the Regulatory Domain correctly as the first step Store this information in a safe place SSID The Service Set Identification SSID identifies the wireless local area network You may customize it by using up to 32 alphanumeric characters Write your SSID on the line SSID Note The SSID in the wireless access point is the SSID you configure in the wireless adapter card All wireless nodes in the same network must be configured with the same SSID Authentication Circle one Open System or Shared Key Choose Shared Key for more security Note If you select shared key the other devices in the network will not connect unless they are set to Shared Key and have the same keys in the same positions as those in the WAG302v2 WEP Encryption Keys For all four data encryption keys choose the Key Size Circle one 64 128 or 152 bits Key 1 Key 2 Ke
29. 0 Secondary WINS Server 0 0 o 0 Lease 1 days D hours 0 minutes Apply Figure 4 1 Advanced Configuration 4 1 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual The following list provides information about how to configure DHCP settings Use AP as DHCP Server Turn on this option to allow the wireless access point to function as a DHCP Server for wireless clients The WAG302v 2 provides the pre configured TCP IP configurations for wireless clients connected to this wireless access point The default setting is disable ____ Note The DHCP server only assigns network information to clients that connect to the WAG302v2 through Security Profiles that are on the same VLAN as Security Profile 1 on the 802 11b g radio VLAN 1 is the default VLAN for all Security Profiles If you typically use an existing DHCP server on your network to assign network information to hosts you do not need to enable the DHCP server on the WAG302v 2 If you enable the WAG302v2 DHCP server you must configure the following TCP IP configuration information that the wireless access point assigns to wireless clients that associate with it Starting IP Address Enter the starting IP address the DHCP server on this Access Point can assign wireless clients The default starting IP address is 192 168 0 2 Ending IP Address Enter the Ending IP address the DHCP server on this Access Point can assign wireless client
30. 1 0 May 2006 C 7 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table C 6 Basic Setting continued s Task Command Set the Primary DNS Server set host static dns 1 lt ip_address gt Example set host static dns 1 10 10 3 10 Set the Secondary DNS Server set host static dns 2 lt ip_address gt Enable Spanning Tree Protocol set interface brvlanl stp on Disable Spanning Tree Protocol set interface brvlanl stp off Set the Management VLAN ID set management vlan id lt 1 4096 gt Enable Untagged VLANs and set set untagged vlan untagged vlan id lt 1 4096 gt the VLAN ID Set the Time Zone set ntp timezone lt timezone gt Enable the NTP Server set ntp status up Disable the NTP Server set ntp status down Use a custom NTP server set ntp use default servers off Use the default NTP server set ntp use default servers on Set the Hostname or IP Address set ntp servers primary secondary server for the custom NTP server lt hostname gt lt ip_address gt Example Note You can set a primary and set ntp serves primary ntp foo com secondary NTP server or set ntp servers primary server 192 168 1 10 View the Current Time date Configuring Wireless Settings The commands in Table C 7 correspond to the Wireless Settings page on the Web UI Table C 7 Wireless Settin
31. AG302v2 front and rear hardware functions Front Panel Figure 1 1 Viewed from left to right the WAG302v2 has these status LEDs PWR TEST LAN 802 11a WLAN and 802 11g WLAN LED Description PWR Power Indicator Off No power If this LED does not come on with the power adapter and cord correctly installed see Chapter 5 Troubleshooting On Power is on TEST Self Test Indicator Blink Indicates self test loading software or system fault if continues Note This LED may blink for a minute before going off LAN Ethernet link indicator Off No connection detected on the Ethernet link Amber On 10 Mbps Ethernet link detected Amber Blink Data is being transmitted or received on the 10 Mbps Ethernet link Green On 100 Mbps Fast Ethernet link detected Green Blink Data is being transmitted or received on the 100 Mbps Ethernet link Introduction 1 5 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual LED Description 802 11a WLAN Wireless LAN Link Activity Indicator 5 GHz Off No wireless link activity Green Blink Wireless link activity 802 11g WLAN Wireless LAN Link Activity Indicator 2 4 MHz Off No wireless link activity Green Blink Wireless link activity Rear Panel lt q 2 _ gt 3 4 5 6 Console 9600 N 8 1 LAN POE 12V 1 2A Figure 1 2 The numbers in Figure 1 2 correspond to the followi
32. ATA EIZ TH OAHMAZ 1999 5 EK Fran ais Par la pr sente NETGEAR Inc d clare que l appareil Radiolan est conforme aux French exigences essentielles et aux autres dispositions pertinentes de la directive 1999 5 CE slenska H r me l sir NETGEAR Inc yfir v a Radiolan er samr mi vi grunnkr fur og a rar Icelandic kr fur sem ger ar eru tilskipun 1999 5 EC Italiano Italian Con la presente NETGEAR Inc dichiara che questo Radiolan conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999 5 CE Latviski Ar o NETGEAR Inc deklar ka Radiolan atbilst Direkt vas 1999 5 EK b tiskaj m Latvian pras b m un citiem ar to saist tajiem noteikumiem Lietuvi iuo NETGEAR Inc deklaruoja kad Sis Radiolan atitinka esminius reikalavimus ir kitas Lithuanian 1999 5 EB Direktyvos nuostatas Nederlands Hierbij verklaart NETGEAR Inc dat het toestel Radiolan in overeenstemming is met de Dutch essenti le eisen en de andere relevante bepalingen van richtlijn 1999 5 EG v1 0 May 2006 Malti Maltese Hawnhekk NETGEAR Inc jiddikjara li dan Radiolan jikkonforma mal htigijiet essenzjali u ma provvedimenti ohrajn relevanti li hemm fid Dirrettiva 1999 5 EC Magyar Alul rott NETGEAR Inc nyilatkozom hogy a Radiolan megfelel a vonatkoz alapvet Hungarian k vetelm nyeknek s az 1999 5 EC ir nyelv egy b eldirasainak Norsk NETGEAR Inc erk
33. Access Point WAG302v2 Reference Manual Viewing and Configuring Management Settings The commands in Table C 12 correspond to the pages on the Web UI under the Management heading This section includes commands for the following features e Change Password e Remote Management e Upgrade Firmware e Backup and Restore e Reboot the System Table C 12 AP Management Task Command Set a password for admin set system password lt password gt access to the AP Enable Remote CLI Access set ssh status up Disable Remote CLI Access set ssh status down Enable SNMP set snmp status up Disable SNMP set snmp status down Set a Public Community name set snmp ro community lt string gt Set a Private Community set snmp rw community lt string gt name Set an IP address to receive set traphost host lt ip_address gt SNMP traps Upgrade the firmware firmware upgrade lt url gt requires a reboot Example firmware upgrade tftp 1 2 3 4 upgrade tar firmware upgrade file 1 2 3 4 tmp upgrade tar Example config download tftp 1 2 3 4 defaultcfg xml Backup the configuration file config download lt url gt Restore the configuration fle config upload lt url gt Example config upload tftp 1 2 3 4 defaultcfg xml C 14 Command Line Reference v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual
34. Default Settings 2 0 eceeeeeeees 3 6 Viewing General IMOrmatiOri vcccciccesercccescaverscircaverreccawmnrscnsstertesonenetvesimmnisend iceabnenuade 3 7 vViowng the Activity id en aidan e dace de teas add cede utile dea daw ble deeds oben EEEN aed N AAE 3 9 Viewing the Available Wireless Station List 0 cccesscccceeessscceceeensecceeeeenaneeeeeennees 3 10 VONN TOE poy sso itd se hp pcx awd pvos dau us ps de Sant pesata ova dna oa pedis Sale oes aun pnbeaRAN tes 3 11 kogte AF DEIOGUN ast cia Mesa denid 3 12 Chapter 4 Advanced Configuration Configuring Advanced IP Settings for Wireless Clients 0 0 0 0 cceeeeeeeeeeeeeeetteeeeeeenaees 4 1 C nig uning GIS POF SSUES assirian 4 3 Configuring Advanced Wireless Settings c ccccssceeseceseneeeeeeeeeneeeeeeeseneeeseeeeeneaeees 4 3 Configuring Wireless LAN Parameters iiicucccasisicccsscnedeccssenistecssantegumrsaanietaaaieniers 4 4 Modifying QoS Queue ParamolerS ssiiessevisseaudecevicuad den kirni sinir nn Nai 4 5 Wireless Bridging and Repealing xj cnidcntrtnanniaianctrrsianwa Rees 4 7 Point to Point Bridge CONMGUIOUON siiicte scccstscessinssscees sessadstorsnatveoramsreecsramentcesneades 4 9 Multi Point Bridge Configuration sisi ccatnassaicen s eeauandsiadsiwuad eva renis sansadlcanseaaulennndaunds 4 10 Repeater with Wireless Client Association 2 ccccceeeeeeeeeeeeeeeeeceneaeeeeeeeeess 4 12 Chapter 5 Troubleshooting No lights are lit on the access poini sicssseu
35. EAR website in Appendix B Related Documents Note Product updates are available on the NETGEAR Inc website at http kbserver netgear com products WAG302v2 asp How to Use This Manual The HTML version of this manual includes the following e Buttons gt and lt for browsing forwards or backwards through the manual one page at a time e A button that displays the table of contents and an button Double click on a link in the table of contents or index to navigate directly to where the topic is described in the manual A button to access the full NETGEAR Inc online knowledge base for the product model e Links to PDF versions of the full manual and individual chapters xiv v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual How to Print this Manual To print this manual you can choose one of the following several options according to your needs Your computer must have the free Adobe Acrobat Reader installed in order to view and print PDF files The Acrobat Reader is available on the Adobe website at http Avww adobe com Printing a Page in the HTML View Each page in the HTML version of the manual is dedicated to a major topic Use the Print button on the browser toolbar to print the page contents Printing a Chapter Use the PDF of This Chapter link at the top left of any page Click the PDF of This Cha
36. ETGEAR 14 5 dBi directional NETGEAR ACC 10314 1 5 m to 30m 18 dBm 14 5 dBi ant ANT24D18v2_ outdoor indoor 01 thru 05 NETGEAR 9 dBi NETGEAR ACC 10314 1 5m to 30 m 18 dBm 9 dBi ant ANT2409 omnidirectional 01 thru 05 outdoor indoor NETGEAR 5 dBi ceiling wall NETGEAR ACC 10314 1 5m to 30 m 18 dBm 5 dBi ant ANT2405 indoor 01 thru 05 a WAG302v2 maximum radiated power in North America and Australia 19 dBm cable loss antenna gain Please see the product specifications at http kbserver netgear com products wag302 asp for an updated list of wireless accessories approved to be used with the WAG302v2 Industry Canada Compliance Statement This Class B Digital apparatus meets all the requirements of the Canadian Interference Causing Equipment Regulations ICES 003 Cet appareil numerique de classe B respecte les exigences du reglement du Canada sur le materiel brouilleur NMB 003 The device is certified to the requirements of RSS 210 for 2 4 GHz spread spectrum devices The use of this device in a system operating either partially or completely outdoors may require the user to obtain a license for the system according to the Canadian regulations For further information contact your local Industry Canada office v1 0 May 2006 Europe EU Declaration of Conformity C Marking by the above symbol indicates compliance with the Essential Requirements of the R amp TTE Directive of the Europea
37. IEEE 802 11a Channel Frequency 52 5260 MHz Rogue AP Detection Enabled Security Profiles No Profile SSID Security Status NETGEAR NETGEAR_11a Open System Enabled NETGEAR 1 NETGEAR 1_11a Open System Disabled NETGEAR 2 NETGEAR 2_11a Open System Disabled NETGEAR 3 NETGEAR 3_11a Open System Disabled NETGEAR 4 NETGEAR 4_11a Open System Disabled NETGEAR 5 NETGEAR 5_11a Open System Disabled NETGEAR 6 NETGEAR 6_11a Open System Disabled NETGEAR 7 NETGEAR 7_11a Open System Disabled Current Wireless Settings 11b g Operating Mode IEEE 802 119 Channel Frequency 11 2462 MHz Rogue AP Detection Enabled Security Profiles Profile Name SSID Security Status NETGEAR NETGEAR_11g Open System Enabled NETGEAR 1 NETGEAR 1_11g Open System Disabled NETGEAR 2 NETGEAR 2_11g Open System Disabled NETGEAR 3 NETGEAR 3_119 Open System Disabled NETGEAR 4 NETGEAR 4_119 Open System Disabled NETGEAR 5 NETGEAR 5_119 Open System Disabled NETGEAR 6 NETGEAR 6_11g Open System Disabled NETGEAR 7 NETGEAR 7_11g Open System Disabled Figure 3 5 Management and Information 3 7 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table 3 1 describes the fields on the General Information page Table 3 1 General Information Fields Field Description Access Point Information Access Point Name NetBIOS name The name of the access point which you can configure MAC Address The Media Access Control address
38. Key 2 Key 3 Key 4 If using WEP select the key to be used as the default key Data transmissions are always encrypted using the default key The other keys can only be used to decrypt received data e WPA Pre Shared Key If using WPA PSK enter the passphrase here All wireless stations must use the same passphrase network key The network key must be from 8 to 63 characters in length Note Security Profiles that share the same type of network authentication must share the same passphrase or keys Security Profiles that use WEP must passp y y share the same four keys but they do not need to use the same default key Wireless Client Security Separation If enabled the associated wireless clients will not be able to communicate with each other This feature is used for hotspots and other public access situations The default is disabled VLAN ID Enter a VLAN ID from 1 4094 to assign traffic from wireless clients to a VLAN When a wireless client uses this Security Profile the traffic is tagged with the VLAN ID you specify To assign multiple Security Profiles to the same VLAN enter the same VLAN ID for each profile The default VLAN ID is 1 If you enter a VLAN ID that is not the default make sure the VLAN ID matches the VLAN ID that switches and other network devices use on the LAN The VLAN assigned to the first Security Profile default name NETGEAR is the management VLAN By default all traffic on the WAG302v2 uses VLAN 1
39. La TENO PTO aa a es irr veany ints Tete rrer 2 17 Wireless Client Security Separation sssscciasssscanccisssaancaxasassaaseiss seadecan EE 2 18 ix v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual VLAN TD crass conte tase ven reipcenusae air von ceaaduevuantedeepandAdassadseadoba Venighirepeatacmedeelubebuntseuialar 2 18 SSID and Wireless Security Settings FOr 0 ccccceccseeeeeeeeneeeeeeeeeeeeeeeenaeeeenee 2 19 Configuring the RADIUS Server Settings ccniscisncciacesoscmatersvestebriaestaernnamareniamareblant 2 20 Restricting Wireless Access by MAC Address ccccccscccccsessenceceeeeseceeceeessneeceeeneeaes 2 21 Chapter 3 Management and Information Changing the Administrator PASSWORD ccciinsccscccatessssstessnnssanstsnnnastannvnssssentesansasemtennsesieass 3 1 Romoli Mana JONON crc n eieeeiaenii aR 3 2 Using the Secure Telnet Interfata seccsisestertssncstves siiin a 3 3 Accessing the CLI by Using the Console Port ssssssseisseesrrssseerrrssererrsssrrerrsssreenns 3 3 CL COMI IIE snin anaa 3 4 Upgrading the Wireless Access Point Firmware c ccccccssscceseeeseeeeeseeseeeneseeseeneeees 3 4 Configuration File Management sisi sasccatauas cavaininnsaccavadanuerdostaedeerssaansnerssadhiuitansueubincsannanueds 3 5 Backing up and Restoring the Configuration 0 c cccccceessesisenessensseneesenesinneeseensanness 3 6 Erasing Te OT UD sesia 3 6 Using the Reset Button to Restore Factory
40. Near the center of the area in which your PCs operate e In an elevated location such as a high shelf where the wirelessly connected PCs have line of sight access even if through walls e Away from sources of interference such as PCs microwaves and 2 4 GHz cordless phones e Away from large metal surfaces Putting the antenna in a vertical position provides best side to side coverage Putting the antenna in a horizontal position provides best up and down coverage 2 2 Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual If you use multiple access points it is better if adjacent access points use different radio frequency Channels to reduce interference The recommended Channel spacing between adjacent access points is five Channels for example use Channels 1 and 6 or 6 and 11 The time it takes to establish a wireless connection can vary depending on both your security settings and placement Installing the WAG302v2 Wireless Access Point Before you install the WAG302v2 Wireless Access Point make sure that your Ethernet network is up and working You will be connecting the access point to the Ethernet network Then computers with 802 11a or 802 11b g wireless adapters will be able to communicate with the Ethernet network In order for this to work correctly verify that you have met all of the network and system requirements described in Syst
41. Wireless Access Points e Because it is in a central location configure WAG302v2 AP 1 on LAN Segment 1 in Point to Multi Point Bridge mode and enter the MAC addresses of AP 2 and AP 3 in the Remote MAC Address 1 and Remote MAC Address 2 fields 4 10 Advanced Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual e Configure WAG302v2 AP 2 on LAN Segment 2 in Point to Point Bridge mode with the Remote MAC Address of AP 1 e Configure the WAG302v2 AP 3 on LAN 3 in Point to Point Bridge mode with the Remote MAC Address of AP 1 2 Verify the following for all access points e The LAN network configuration of the WAG302v2 Wireless Access Points are configured to operate in the same LAN network address range as the LAN devices e Only one AP is configured in Point to Multi Point Bridge mode and all the others are in Point to Point Bridge mode e All APs must be on the same LAN That is all the AP LAN IP addresses must be in the same network e Ifusing DHCP all WAG302v2 Wireless Access Points should be set to Obtain an IP address automatically DHCP Client in the IP Address Source portion of the Basic IP Settings menu e All WAG302v2 Wireless Access Points must use the same SSID Channel authentication mode if any and encryption in use e All Point to Point APs must have the MAC address of AP 1 in the Remote AP MAC address field 3 Verify connectivity across
42. ad the list to the AP 3 14 Management and Information v1 0 May 2006 Chapter 4 Advanced Configuration This chapter describes how to configure the advanced features of your ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 The following list describes the advanced features e IP Settings Use the AP as a DHCP server for wireless clients Hotspot Settings Capture and redirect all HTTP TCP port 80 requests e Wireless Settings Configure advanced wireless LAN parameters and Quality of Service QoS e Access Point Settings Enable wireless bridging and repeating To get to these features connect to the WAG302v2 as described in Logging in to the WAG302v2 Using Its Default IP Address on page 2 7 and click the desired link under the Advanced menu heading Configuring Advanced IP Settings for Wireless Clients The WAG302v2 can act as a DHCP server gateway for wireless clients After you log in click IP Settings under the Advanced menu to view the Advanced IP Settings for Wireless Clients IP Settings ican wattwaas Advanced IP Settings for Wireless Clients Wireless Setting eee DHCP Server 3 Enable Disable Access Point Se Starting IP Address 192 168 R ok aah Ending IP Address 192 168 fo so Subnet Mask Zon R59 255 0 Gateway IP Address o J0 x 2 0 Primary DNS Server 0 0 0 0 Secondary DNS Server 0 a 18 8 Primary WINS Server 0 0 a 8
43. al Packets The Wireless packets sent since the WAG302v2 was restarted Total Bytes The Wireless bytes sent since the WAG302v2 was restarted Refresh button Click the Refresh button to update the statistics on this screen Rogue AP Detection The WAG302v2 can detect rogue APs and wireless stations and exclude them from connecting to the WAG302v2 Wireless Access Point To enable Rogue AP Detection 1 From the WAG302v2 main menu under Information click Rogue AP Detection to view the page shown in Figure 3 9 2 Check the Turn Rogue AP Detection On radio box to enable Rogue AP Detection and click Apply If you enable Rogue AP Detection the AP continuously scans the wireless network and collects information about all APs heard on its channel 3 Click Rescan to discover the APs 4 Click Grant to add any AP to the Known AP List 5 Click Delete to remove an AP from the list 6 Click Save to export the list of known APs to a file A window opens so you can browse to the location where you want to save the file The default file name is WAG302Rogue cfg 3 12 Management and Information v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Activity Log Available Wireless Station List Statistics Rogue AP Detection 11a Rogue AP Detection 11b g Rogue AP Detection 11big Turn Rogue AP Detection On Apply Unknown AP List Grant _ o0 02 ne 00 1 4 8b HSHI VAP 2 on
44. ames transmitted without header information Valid values for maximum burst length are 0 0 through 999 9 Advanced Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Wireless Bridging and Repeating The WAG302v2 Wireless Access Point lets you build large bridged wireless networks Examples of wireless bridged configurations are e Point to Point Bridge The WAG302v2 communicates with another bridge mode wireless station See Point to Point Bridge Configuration on page 4 9 e Multi Point Bridge The WAG302v2 is the master for a group of bridge mode wireless stations Then all traffic is sent to this master rather than to other access points See Multi Point Bridge Configuration on page 4 10 e Repeater with Wireless Client Association Sends all traffic to the remote AP See Repeater with Wireless Client Association on page 4 12 Note The Wireless Bridging and Repeating feature uses the default Security Profile to send and receive traffic These configurations can be set up from the Advanced Access Point Settings page shown in Figure 4 4 Advanced Configuration 4 7 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual IP Settings Hotspot Settings Wireless Settings 11a Wireless Settings 11b g Access Point Settings 11a Access Point Settings 11b g Advanced A
45. and Wireless Access Point WAG302v2 The information in this manual is intended for readers with intermediate computer and Internet skills Conventions Formats and Scope The conventions formats and scope of this manual are described in the following paragraphs e Typographical Conventions This manual uses the following typographical conventions Italics Emphasis books CDs URL names Bold User input Fixed Screen text file and server names extensions commands IP addresses e Formats This manual uses the following formats to highlight special messages Note This format is used to highlight information of importance or special interest 9 Tip This format is used to highlight a procedure that will save time or resources A Warning Ignoring this type of note may result in a malfunction or damage to the equipment xiii v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual A Danger This is a safety warning Failure to take heed of this notice may result in personal injury or death e Scope This manual is written for the WAG302v2 Wireless Access Point according to these specifications Product Version ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 Manual Publication Date May 2006 For more information about network Internet firewall and VPN technologies see the links to the NETG
46. any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment Example use only shielded interface cables when connecting to computer or peripheral devices FCC Requirements for Operation in the United States Radio Frequency Interference Warnings amp Instructions NOTE This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try and correct the interference by one or more of the following measures e Reorient or locate the receiving antenna e Increase the separation between the equipment and receiver e Connect the equipment into an outlet on a circuit different from that to which the receiver is connected e Consult the dealer or an experienced radio TV technician for help Placement and Range Guidelines
47. as described in the user guide This device may be operated indoors or outdoors in all countries of the European Community using the 2 4GHz band Channels 1 13 except where noted below e In Italy the end user must apply for a license from the national spectrum authority to operate this device outdoors vi v1 0 May 2006 e In France outdoor operation is only permitted using the 2 4 2 454 GHz band Channels 1 7 Belgium requires notifying spectrum agency if deploying gt 300meter wireless links in outdoor public areas using 2 4GHz band European Spectrum Usage Rules Effective April 11 2006 5 25 5 35 5 47 5 725 GHz 5 15 5 25 GHz 2 4 2 4835 GHz GHz Channels Country Channels Channels 100 104 108 112 116 Channels 1 to 13 52 56 60 64 120 124 128 132 136 140 36 40 44 48 Except Where Noted ALL EC Countries Belgium France Greece Italy Turbo Mode AdHoc Mode Antenna Statement for the European Community Please note that the 100mW EIRP limit and regulations could vary in Europe from country to country Please check the regulations in your country The antenna cable type and length must comply with European regulations Refer to the table below for approved antenna and cable accessories In addition to its own antenna the WAG302v2 device has been approved for use with the following detachable antennas and antenna cables Minimum Minimum Maximum Approved
48. ass B and Class E Class CE and C Tick Operating temperature 0 to 50 C Operating humidity 5 95 non condensing Data Encoding 802 11b 1 and 2 Mbps Direct Sequence Spread Spectrum DSSS 802 11b 5 5 and 11 Mbps Complementary Code Keying CCK 802 11g All rates Orthogonal Frequency Division Multiplexing OFDM Maximum Computers Per Wireless Network Limited by the amount of wireless network traffic generated by each node Typically 10 40 nodes 802 11a Data Rates 802 11a Operating Frequencies 6 9 12 18 24 36 48 54 and 108 Mbps Auto rate capable 5 15 5 25 5 25 5 35 5 57 5 825 802 11a Encryption 40 bits also called 64 bits 128 and 152 bits WEP data encryption 802 11b g Radio Data Rate 1 2 5 5 6 9 11 12 18 24 36 48 54 and 108 Mbps Auto rate capable 802 11b and g Operating Frequencies 2 412 2 462 GHz US 2 457 2 462 GHz Spain 2 412 2 484 GHz Japan 2 457 2 472 GHz France 2 412 2 472 GHz Europe ETSI 802 11g Encryption 40 bits also called 64 bits 128 and 152 bits WEP data encryption Antenna One 1 external 5 dBi 2 4 GHz detachable antenna and one 1 external 5 dBi 5 GHz detachable antenna Specifications v1 0 May 2006 Appendix C Command Line Reference In addition to the Web based user interface the ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 includes a command line interface CLI for
49. but the data broadcast over the wireless link is fully exposed e Turn Off the Broadcast of the Wireless Network Name SSID If you disable broadcast of the SSID only devices that have the correct SSID can connect This nullifies the wireless network discovery feature of some products such as Windows XP but the data is still fully exposed to a determined person using specialized test equipment like wireless sniffers e Use WEP Wired Equivalent Privacy WEP data encryption provides data security WEP Shared Key authentication and WEP data encryption will block all but the most determined eavesdropper e Use IEEE 802 1x IEEE 802 1x is the standard for passing the Extensible Authentication Protocol EAP over an 802 11 wireless network using a protocol called EAP Encapsulation Over LANs EAPOL This is a newer more secure standard than Static WEP Use WPA WPA PSK WPA2 or WPA2 PSK Wi Fi Protected Access WPA and WPA2 data encryption provides data security The very strong authentication along with dynamic per frame rekeying of WPA make it virtually impossible to compromise Because this is a newer standard than the other security options wireless device driver and software availability may be limited Configuring Security Profiles You can configure up to eight unique security settings for each radio 802 11a and 802 11b g on the WAG302v2 Figure 2 7 shows the Security Profile Settings page The options and procedures to c
50. ccess Point Settings 11a dvanced Access Point Settings 11big Access Point Mode C Enable Wireless Bridging and Repeating Z Enable Wireless Bridging and Repeating Wireless Point to Point Bridge Enable Wireless Client Association Local MAC Address o Wireless Point to Point Bridge Enable Wireless Client Association Local MAC Address ooj jos 7c 7 0 O5 7C 84 00 158 Remote MAC Address Remote MAC Address 80 oF E5 11 64 Wireless Point to Multi Point Bridge Enable Wireless Client Association Local MAC Address oof Wireless Point to Multi Point Bridge Enable Wireless Client Association Local MAC Address OO OS 7C 84 00 50 NS 7c 84 0058 Remote MAC Address 1 Remote MAC Address 1 Remote MAC Address 2 Remote MAC Address 2 Remote MAC Address 3 Remote MAC Address 3 Remote MAC Address 4 Remote MAC Address 4 Repeater with Wireless Client Association Local MAC Address 9 Repeater with Wireless Client Association Local MAC Address foo 05 7c oo sO Remote MAC Address 1 Remote MAC Address 1 Remote MAC Address 2 Remote MAC Address 2 Remote MAC Address 3 Remote MAC Address 3 Remo
51. ce NETGEAR does not assume any liability that may occur due to the use or application of the product s or circuit layout s described herein NOTE Modifications made to the product unless expressly approved by NETGEAR could void the user s authority to operate the equipment NETGEAR does not assume any liability that may occur due to such condition Federal Communications Commission FCC Compliance Notice Radio Frequency Notice ProSafe 802 11a g Dual Band Wireless Access Point Tested to Comply with FCC Standards FOR HOME OR OFFICE USE FCC ID PY3WAG302v2 This device complies with part 15 of the FCC Rules Operation is subject to the following two conditions e This device may not cause harmful interference e This device must accept any interference received including interference that may cause undesired operation v1 0 May 2006 FCC Statement Declaration of Conformity We NETGEAR 4500 Great America Parkway Santa Clara CA 95054 USA Tel 1 408 907 8000 declare under our sole responsibility that the product s WAG302v2 Model Designation 802 11a g ProSafe Dual Band Wireless Access Point Product Name complies with Part 15 of FCC Rules Operation is subject to the following two conditions 1 this device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation To assure continued compliance
52. ck Apply See the online help or Basic IP Settings on page 2 8 for more information about how to configure the settings on this page d Click Wireless Settings for the 802 11a or 802 11b g radio in the Setup section of the main menu to view the Wireless Settings menu e Enter the wireless settings for the 802 11a and 802 11b g radios and click Apply See the online help or Wireless Settings on page 2 10 for information about how to configure the settings on this page ____ Note In the USA the Region is preset according to regulatory requirements and cannot be changed In other areas you can and must set the Region It may not be legal to operate the wireless access point in a region other than one of those identified in this field Now that you have finished the setup you are ready to deploy the WAG302v2 in your network If needed you can now reconfigure the computer you used for this process back to its original TCP IP settings 3 Deploy the WAG302v2 Wireless Access Point a Disconnect the WAG302v 2 and put it where you will deploy it The best location is elevated such as wall mounted or on the top of a cubicle at the center of your wireless coverage area and within line of sight of all the mobile devices For more information see Wireless Equipment Placement and Range Guidelines on page 2 2 b Lift the antenna on either side to be vertical Basic Installation and Configuration 2 5 v1 0
53. cord is connected to the access point Make sure the power adapter is connected to a functioning power outlet If it is in a power strip make sure the power strip is turned on If it is plugged directly into the wall verify that it is not a switched outlet Make sure you are using the correct NETGEAR power adapter supplied with your access point Troubleshooting 5 1 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual The Wireless LAN activity light does not light up The access point s antennae are not working If the Wireless LAN activity light stays off disconnect the adapter from its power source and then plug it in again Make sure the antennas are tightly connected to the WAG302v2 Contact NETGEAR technical support if the Wireless LAN activity light remains off The LAN light is not lit There is a hardware connection problem Check these items Make sure the cable connectors are securely plugged in at the access point and the network device hub switch or router A switch hub or router must be installed between the access point and the Ethernet LAN or broadband modem Make sure the connected device is turned on Be sure the correct cable is used Use a standard Category 5 Ethernet patch cable If the network device has Auto Uplink MDI MDIX ports you can use either a crossover cable or a normal patch cable I cannot access the Internet or the LAN with a
54. cted you must use TKIP AES encryption and enter the WPA passphrase Network key Data Encryption Select the data encryption that you want to use The available options depend on the Network Authentication setting above otherwise the default is None The Data Encryption settings are explained in the table below Table 2 2 Data Encryption Settings Name Description None No encryption is used 64 bits WEP Standard WEP encryption using 40 64 bit encryption 128 bits WEP Standard WEP encryption using 104 128 bit encryption 152 bits WEP Proprietary mode that will only work with other wireless devices that support this mode TKIP This is the standard encryption method used with WPA AES This is the standard encryption method for WPA2 Some clients may support AES with WPA but this is not supported by this Access Point TKIP AES This setting supports both WPA and WPA2 Broadcast packets use TKIP For unicast point to point transmissions WPA clients use TKIP and WPA2 clients use AES The Passphrases and Keys are explained below Basic Installation and Configuration 2 17 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual e Passphrase To use the Passphrase to generate the WEP keys enter a passphrase and click the Generate Keys button You can also enter the keys directly These keys must match the other wireless stations e Key 1
55. curity settings if security is in use 4 Verify connectivity across the LAN 1 and LAN 2 A computer on either LAN segment should be able to connect to the Internet or share files and printers of any other PCs or servers connected to LAN Segment 1 or LAN Segment 2 Advanced Configuration 4 9 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Multi Point Bridge Configuration Multi point bridge mode allows a wireless access point to bridge to multiple peer wireless access points simultaneously In addition you can enable client associations with this WAG302v2 Multi Point Bridge mode configuration includes the following steps e Enter the MAC addresses of the other access points in the fields provided e Set the other bridge mode access points to Point to Point Bridge mode using the MAC address of this WAG302v2 as the Remote MAC Address e Use wireless security to protect this traffic The figure below shows an example of a Multi Point Bridge mode configuration Master AP Point to Multi Point Point to Point 4 t0 AP 3 Bridge mode Bridge Mode Point to Point AP 2 Hub or Switch Router Bridge Mode internet eee J 192 168 J J 7 z j PCs PCs Hub or Switch LAN Segment 3 LAN Segment 1 J PCs LAN Segment 2 Figure 4 6 The following steps describe how to set up the Multi Point Bridge configuration shown in Figure 4 6 1 Configure the Operating Mode of the WAG302v2
56. d so that the WAG302v2 can process VLAN membership information By default all traffic on the WAG302v2 uses VLAN 1 which is the default untagged VLAN Therefore all traffic is untagged until you change the untagged traffic VLAN ID or the VLAN ID for a specific Security Profile Check the Untagged VLAN check box to transmit all frames on the specified VLAN as untagged If you clear the box all traffic is tagged with a VLAN ID Time Zone Select the Time Zone to match your location If your location uses daylight saving check the box Adjust for Daylight Saving Time The Current Time as used on the wireless access point is displayed Note You must have an Internet connection to get the current time NTP Server Click Enable to use a network time protocol NTP server to synchronize the clock in your access point or click Disable if you do not want to use an NTP server Use Custom NTP Server If you do not want to use the default NETGEAR NTP server click this box and enter the hostname or IP address of the NTP server to use 3 Click Apply to save your settings Wireless Settings To configure the wireless settings connect to the WAG302v 2 and click Wireless Settings in the Setup section of the WAG302v2 main menu The Wireless Settings menu appears as shown in Figure 2 6 The figure shows the 802 11b g radio configuration Note The configuration options for the 802 11a radio and the 802 11b g radio a
57. dd Add Apply Apply Figure 2 9 3 Select the Turn Access Control On check box Note When configuring the WAG302v 2 from a wireless computer whose MAC address is not in the access control list if you select Turn Access Control On you will lose your wireless connection when you click Apply You must then access the wireless access point from a wired computer or from a wireless computer which is on the access control list to make any further changes 4 Either select from the list of available wireless stations the WAG302v2 has found in your area or enter the MAC address for a device you plan to use You can usually find the MAC address of a wireless station printed on the wireless adapter Click Add to add the wireless device to the access list Repeat these steps for each additional device you want to add to the list 2 22 Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual 5 Be sure to click Apply to save your wireless access control list settings Now only devices on the MAC ACL will be allowed to wirelessly connect to the WAG302v2 Basic Installation and Configuration 2 23 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual 2 24 Basic Installation and Configuration v1 0 May 2006 Chapter 3 Management and Information This chapter describes how to use the management and informat
58. de the firmware getGet property values of the running configuration reboot Reboot the system Command Line Reference C 1 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual remove Remove instances in the running configuration save running Save the running configuration set Set property values of the running configuration Example 2 Type get TAB TAB to see a list of keywords for the get command netgearl15CO0 get association Associated station basic rate Basic rates of radios bridge portBridge ports of bridge interfaces vapVirtual Access Point web serverWeb server wme queueTransmission queue parameters for stations Example 3 Type get ssh s TAB This results in completion with the only matching keyword netgearl15C00 get ssh status Press ENTER to display the output results of the command Keyboard Shortcuts The CLI provides keyboard shortcuts to help you navigate the command line and build valid commands Table C 1 describes the keyboard shortcuts available from the CLI Table C 1 Keyboard Shortcuts Keyboard Shortcut Action on CLI Ctrl a Move the cursor to the beginning of the current line Ctrl e Move the cursor to the end of the current line Ctrl b Move the cursor back on the current line one character at a time Left Arrow key Ctrl f Move the cursor forward on the current line one character at a time Right Arrow Key Ctrl c S
59. dress and port translation NAPT Some higher layer protocols such as FTP might not work with the NAPT on the WAG302v 2 To fix this issue reconfigure the DHCP server settings Advanced IP Settings so that the wireless clients receive IP addresses that are on the same network as the WAG302v2 Ethernet interface I need to restore factory default settings To restore the factory default settings you can use the Reset button see Using the Reset Button to Restore Factory Default Settings on page 3 6 or use the Backup Restore Settings menu see Erasing the Configuration on page 3 6 To view a list of the factory default settings see Default Factory Settings on page B 1 5 4 Troubleshooting v1 0 May 2006 Appendix A Related Documents This appendix provides links to reference documents you can use to gain a more complete understanding of the technologies used in your NETGEAR product Document Link Internet Networking and TCP IP http documentation netgear com reference enu tcpip index htm Addressing Wireless Communications http documentation netgear com reference enu wireless index htm Preparing a Computer for http documentation netgear com reference enu wsdhcp index htm Network Access Virtual Private Networking http documentation netgear com reference enu vpn index htm VPN Glossary http documentation netgear com reference enu glossary index htm Related Documents A 1 v1 0 Ma
60. e C 13 AP Information continued Task Command Add an AP to the Known AP list add known ap config lt mac_address gt Delete an AP from the Known AP list ren nove known ap config lt mac_address gt Delete all APs from the Known AP list ren nove known ap config all Save export the list of Known APs fil set known ap list action export config set known ap e wag302Rogue3 tftp 192 168 24 list file lt file_name gt config server lt tftp_server path gt Example action export config cfg config server 10 knownAP Import a list of known APs set known ap list action import config file lt file_nan lt tfitp_server gt Example set known ap ne gt config server list action export config file wag302Rogue3 cfg config server tftp 192 168 24 10 knownAP Configuring Advanced IP Settings The commands in Table C 14 correspond to the IP Settings page on the Web UI under the Advanced heading Table C 14 Advanced IP Settings Task View all DHCP server information Command get dh cp server detail Enable the DHCP Server Disable the DHCP Server Set the Starting IP Address Set the Ending IP Address Set the Subnet Mask Set the Gateway IP Address se se se se se se t t E h h ajajaja dh cp server cp server cp server cp
61. e wired LAN and wireless clients You can connect multiple wireless access points via a wired Ethernet backbone to add more wireless network coverage As a wireless device moves out of the range of one access point it moves into the range of another As a result wireless clients can freely roam from one access point to another and still maintain seamless connection to the network The auto sensing capability of the WAG302v2 Wireless Access Point allows packet transmission at up to 108 Mbps or at reduced speeds to compensate for distance or electromagnetic interference Key Features The WAG302v2 Wireless Access Point is easy to use and provides solid wireless and networking support Supported Standards and Conventions The following standards and conventions are supported e Standards Compliant The Wireless Access Point complies with IEEE 802 11a and IEEE 802 11b g standards for Wireless LANs e WEP support Includes support for 64 bit 128 bit and 152 bit WEP keys e Full WPA and WPA2 support WPA and WPA2 enterprise class strong security with RADIUS and certificate authentication as well as dynamic encryption key generation WPA PSK and WPA2 PSK pre shared key authentication without the overhead of RADIUS servers but with all of the strong security of WPA Introduction 1 1 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Multiple BSSIDs Support for multiple BSSIDs When one AP
62. ear com products wag302 asp and save it to your hard disk 2 Ifyou want to save your configuration settings see Backing up and Restoring the Configuration on page 3 6 3 4 Management and Information v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual 3 From the main menu Management section click the Upgrade Firmware link 4 Inthe Upgrade Firmware menu click the Browse button and browse to the location of the image tar upgrade file 5 Click Upload When the upload completes your wireless access point automatically restarts The upgrade process typically takes about one minute In some cases you may need to reconfigure the wireless access point after upgrading Configuration File Management The WAG302v2 Wireless Access Point settings are stored in the wireless access point in a configuration file This file can be saved backed up to a computer retrieved restored from a computer or cleared to factory default settings Click Backup Restore Settings under the Management heading to go to the page shown in Figure 3 4 Change Password Remote Management Upgrade Firmware BackupMestore Settings Backup Restore Settings Back up a copy of the current settings to a file Restore saved settings from a file c settings netgear wag302 xml Browse Restore Revert to factory default settings Figure 3 4 The following sections describes the options a
63. el on page 1 6 To view a list of the factory default settings see Default Factory Settings on page B 1 The reset button has two functions e Reboot When pressed and released the Wireless Access Point reboots restart e Reset to Factory Defaults When pressed and held down it clears all data and restores all settings to the factory default values To clear all data and restore the factory default values 1 Hold the Reset Button until the LEDs blink twice usually more than five seconds 2 Release the Reset Button The factory default configuration has now been restored and the WAG302v2 is ready for use 3 6 Management and Information v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Viewing General Information The information on the General screen is a summary of the WAG302v 2 configuration settings From the WAG302v2 main menu click General to view the screen shown below General Basic Settings Wireless Setti General Access Point Name MAC Address Country Region Firmware Version Access Point Mode VLAN 802 10 Current IP Settings IP Address Subnet Mask Default Gateway DHCP Client Current Wireless Settings 11a netgear115C00 00 0F B5 11 5C 00 us 0 2 AP Enabled 10 254 24 161 255 255 248 0 10 254 24 1 Enabled Operating Mode
64. em Requirements on page 2 1 Note To view a list of the factory default settings see Default Factory Settings in Appendix B 1 Set up the WAG302v2 Wireless Access Point Q Tip Before mounting the WAG302v2 in a high location first set up and test the WAG302v2 to verify wireless network connectivity a Prepare a computer with an Ethernet adapter If this computer is already part of your network record its TCP IP configuration settings b Configure the computer with a static IP address of 192 168 0 210 and 255 255 255 0 for the Subnet Mask c Connect an Ethernet cable from the WAG302v2 to the computer d Turn on your computer connect the power adapter to the WAG302v2 and verify the following The PWR power light goes on The LAN light of the wireless access point is lit when connected to a powered on computer Basic Installation and Configuration 2 3 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual 2 Configure LAN and wireless access a Use your Web browser to connect to the WAG302v 2 Enter 192 168 0 230 in the address field of your browser The WAG302v 2 login screen appears When prompted enter admin for the user name and password for the password both in lower case letters For more information see Logging in to the WAG302v2 Using Its Default IP Address on page 2 7 The Web browser displays the WAG302v2 main menu and Gen
65. endix C Command Line Reference Upgrading the Wireless Access Point Firmware The WAG302v2 Wireless Access Point firmware is stored in FLASH memory and can be upgraded as new firmware is released by NETGEAR You can download the upgrade files from the NETGEAR Web site You can upload the upgrade file TAR to the wireless access point by using your Web browser Warning When uploading firmware to the WAG302v2 Wireless Access Point do not interrupt the Web browser by closing the window clicking a link or loading a new page If the browser is interrupted the upload may fail corrupt the firmware and render the WAG302v2 completely inoperable You cannot upgrade the firmware from a computer that is connected to the WAG302v2 with a wireless link You must use a computer that is connected to the WAG302v2 with an Ethernet cable You cannot use the WAG302v2 image to upgrade the WAG302v1 software When you upgrade the WAG302v2 software the configuration file is erased After you upgrade the firmware you must reconfigure the WAG302v2 The previous configuration file might not be compatible with the new software Note The Web browser used to upload new firmware into the WAG302v2 must support uploads such as Microsoft Internet Explorer 6 0 or above or Netscape HTTP upload h as Mi ft I Expl 6 0 or ab N p Navigator 4 78 or above Use the following steps to upgrade the firmware 1 Download the file from http kbserver netg
66. eral page as Figure 2 1 shows Click to view documentation Click to log out After five minutes with no activity you are logged out automatically Figure 2 1 Generat Basic Settings Wireless Settings 11a Wireless Settings 11b g Security Profile Settings 11a Security Profile Settings 11b g Radius Server Settings Access Control 11a Access Control 11b g Change Password Remote Management Upgrade Firmware BackupRestore Settings Reboot AP Activity Log Available Wireless Station List Statistics Rogue AP Detection 11a Rogue AP Detection 11b g IP Settings Hotspot Settings Wireless Settings 11a Wireless Settings 11b g Access Point Settings 11a Access Point Settings 11big Documentation General Access Point Information Access Point Name MAC Address Country Region Firmware Version Access Point Mode VLAN 802 10 Current IP Settings IP Address Subnet Mask Default Gateway DHCP Client Current Wireless Settings 11a Operating Mode Channel Frequency Rogue AP Detection Security Profiles netgearl15C00 00 0F B5 11 5C 00 us 5 0 2 AP Enabled 10 254 24 161 255 255 248 0 10 254 24 1 Enabled IEEE 802 11a 52 5260 MHz Enabled No Profile SSID Security VLAN Status 1 NETGEAR NETGEAR_11a Open System Enabled NETGEAR 1 NETGEAR 1_11a Open System Disabled NETGEAR 2 NETGEAR 2_11a Open System Disabled NETGEAR 3 NETGEAR 3_11a
67. erpr fen Certificate of the Manufacturer Importer It is hereby certified that the ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 has been suppressed in accordance with the conditions set out in the BMPT AmtsblVfg 243 1991 and Vfg 46 1992 The operation of some equipment for example test transmitters in accordance with the regulations may however be subject to certain restrictions Please refer to the notes in the operating instructions Federal Office for Telecommunications Approvals has been notified of the placing of this equipment on the market and has been granted the right to test the series for compliance with the regulations Product and Publication Details WAG302v2 May 2006 Wireless Access Point ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 Business Model Number Publication Date Product Family Product Name Home or Business Product Language English Publication Part Number 202 10182 01 viii v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Contents About This Manual xiii Conventions Formats and SCOpeS s cccsccsissecsiesiysnteeeaaivesieqiecinseinccsntieseeeeanarsiewinseesaeeiuien xiii Pre t Use Tis Manual sorina eda Rowe ae xiv Howto Prat this Mantal cco icnesencdusvsreisanidscetatiashsasvighdssiensudarasaseiddwassenageadisaresagoadiunedadeees XV Chapter 1 Introduction Key Ponies c20 u tedium eerie iano a ea 1 1 Suppor
68. esssssatiercansadeneseacsieguersearatueesansegouedaadnidouebaeasedives 5 1 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual The Wireless LAN activity light does not light Up ccc cccseceeteeeeeeeeeeeeeeeeeeeneeeeeeeeeenes 5 2 TELAN OM EAG Reneeoer emeeoree Steerer eopr nen a 5 2 cannot access the Internet or the LAN with a wireless capable computer 5 2 cannot connect to the WAG302v2 to Configure it 2 02 eeeceeeeesssecceceeesseceeeeeeseeecseeeeneeenes 5 3 When enter a URL or IP address get a timeout error 0 ceeeeteeeeteceeeeeeeeeceeeeeeeneee 5 3 am unable to download files from some FTP sites oe eeeceeeeeeeeeeeeeeeteeeeeeenaeeeeeeeaas 5 4 need to restore factory default SSHINGS isicudicessdastieriedientiosedeaispasiinsioendemtioniddeaiis 5 4 Appendix A Related Documents Appendix B Specifications DoT IS eels tgs a ae re prep ree eee we renee rer EST CeOp PTE cre rr rr Prrer ert per rere Terry Ered Perr rene B 1 Specifications for the WAGIQ2V2 suicida a AE a AN B 4 Appendix C Command Line Reference Accessing CLI TAB Completion Help scccccccssiiicdectaieccansanneeeaioaamtbncamnceecaa C 1 FS DOGIG NONOUI arstin C 2 interface Naming Conventions sis ccusscewinssenenavnd eonseceuel soacaeubiiclaieetiassakawelued AEE EEANN C 3 Entering CLI Commands sic tsussenczemnianiueviarsativivautarquleachigides i E C 4 Using the CLI to Configure the WAG302v2
69. etwork segment or that there is a WINS server on your network e If your computer is set to Obtain an IP Address automatically DHCP client restart it e If your computer uses a Fixed Static IP address ensure that it is using an IP Address in the range of the WAG302v2 The WAG302v 2 default IP Address is 192 168 0 230 and the default Subnet Mask is 255 255 255 0 When enter a URL or IP address get a timeout error A number of things could be causing this Try the following troubleshooting steps e Check whether other PCs work If they do ensure that your PCs TCP IP settings are correct If using a Fixed Static IP Address check the Subnet Mask Default Gateway DNS and IP Addresses e If the PCs are configured correctly but still not working ensure that the WAG302v2 is connected and turned on Connect to it and check its settings If you cannot connect to it check the LAN and power connections e Ifthe WAG302v 2 is configured correctly check your Internet connection DSL Cable modem etc to make sure that it is working correctly e Try again Troubleshooting 5 3 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual l am unable to download files from some FTP sites If the IP address of the WAG302v2 LAN interface is not on the same network as the IP addresses the DHCP server on the WAG302v2 assigns to wireless clients the WAG302v2 performs automatic network ad
70. ge 4 3 Table C 16 Advanced Wireless Settings Task Command Enable Super G Mode SEC radio wlanO super ag yes Threshold Disable Super G Mode set radio wlan0O super ag no Set the RTS Threshold set radio wlan0 rts threshold lt 0 2347 gt Set the Fragmentation Length set radio wlan0 fragmentation threshold lt 256 2346 gt Command Line Reference v1 0 May 2006 C 17 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table C 16 Advanced Wireless Settings continued Task Command Set the Beacon Interval set radio wlan0 beacon interval lt 20 1000 gt Set the DTIM Interval set bss wlan0bssvap0O dtim period lt 1 255 gt Enable Wi Fi Multimedia set radio wlan0O wme on WMM Disable Wi Fi Multimedia set radio wlan0 wme off WMM View QoS queue parameters get tx queue AP EDCA parameters Set AIFS on AP to station set tx queue wlan0 with queue lt Queue_Name gt to traffic aifs lt AIFS_Value gt Example set tx queue wlan0 with queue data0 to aifs 13 Set cwMin and cwMax on set tx queue wlan0 with queue lt Queue_Name gt to AP to station traffic cwmin lt cwmin_Value gt cwmax lt cwmax_Value gt Example set tx queue wlanO with queue datal cwmin 15 cwmax 31 Set Max Burst on AP to set tx queue wlan0 with queue lt Queue_Name gt to Station traffic burst lt burst_Val
71. gs Task Command Turn on the Radio set interface wlan0 status up Turn off the Radio set interface wlanO status down v1 0 May 2006 Command Line Reference NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table C 7 Wireless Settings continued set set radio wl Set the Channel Frequency Not permitted Task Command Configure the Wireless Network set interface wlan0 ssid lt ssid_name gt Name SSID Example set interface wlanO ssid test_lab Allow SSID Broadcasts set bss wlan0bssvap0 ignore broadcast ssid off Deny SSID Broadcasts set bss wlan0bssvap0 ignore broadcast ssid on Set the Wireless Mode set radio wlan0 mode g radio wlanO mode b lanO mode a Set the Data Rate get supported rate wlan0d add supported rate wlan0 lt rate gt remove supported rate wlan0 lt rate gt Set the Output Power set radio wlan0 tx power lt percent gt Configuring Security Profile Settings You can configure up to eight security profiles for each radio on the AP Table C 8 maps the Web UI security profile for wlanO to the profile name i Table C 8 Security Profile Interface Names n the CLI Web UI Security Profile Default Profile Name CLI Name Profile 1 NETGEAR vapO Profile 2 NETGEAR 1 vap1 Profile 3 NETGEAR 2 vap2 Profile 4 NETGEAR 3 vap3 Profile 5 NETGEAR 4 vap4 Profile 6 NETGEAR 5 vap5
72. gs You can configure the WAG302v2 to use the types of network authentication shown in Table 2 1 below Table 2 1 Network Authentication Types Name Description Open System Can be used with WEP encryption or no encryption Shared Key You must use WEP encryption and enter at least one shared key Legacy 802 1x You must configure the RADIUS Server Settings to use this option WPA with RADIUS You must configure the RADIUS Server Settings to use this option WPA2 with RADIUS WPA2 is a later version of WPA Only select this if all clients support WPA2 If selected you must use AES encryption and configure the RADIUS Server Settings 2 16 Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table 2 1 Network Authentication Types continued Name Description WPA and WPA2 with This selection allows clients to use either WPA with TKIP or WPA2 RADIUS with AES If selected you must use TKIP AES encryption and configure the RADIUS Server Settings WPA PSK You must use TKIP encryption and enter the WPA passphrase Network key WPA2 PSK WPAz is a later version of WPA Only select this if all clients support WPA2 If selected you must use AES encryption and enter the WPA passphrase Network key WPA PSK and This selection allows clients to use either WPA with TKIP or WPA2 WPA2 PSK with AES If sele
73. guration 2 7 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual 4 Log on by using the default user name of admin and default password of password After you log on the Web browser displays the General Information page as shown in Figure 2 1 on page 2 4 Basic IP Settings To configure the basic settings of your wireless access point 1 Connect to the WAG302v2 and click Basic Settings in the Setup section of the WAG302v2 main menu Figure 2 5 shows the Basic Settings page Basic Settings Basic Settings Access Point Name Country Region IP Address DHCP Client IP Address IP Subnet Mask Default Gateway Primary DNS Server Secondary DNS Server Spanning Tree Protocol 802 10 VLAN 7 Untagged VLAN Time Zone United Kingdom Current Time NTP Server Use Custom NTP Server Hostname IPAddress netgear840050_ Select Enable Disable e J B Sate cee j JE Ibe JE oat saa lt a E feel Ea eEnable Disable v Fri May 12 01 42 38 2006 eEnable Disable Rest of World Figure 2 5 Spanning Tree Protocol Basic Settings Access Point Name netgear840050 Country Region IP Address DHCP Client Enable Disable IP Address IP Subnet Mask Default Gateway Primary DNS Server Secondary DNS Server Enable Disable 802 10 VLAN m v Untagged VLAN Time Zone U
74. he RADIUS Server The default is 0 0 0 0 Port Number Port number of the RADIUS Server The default is 1813 Shared Secret This is shared between the Wireless Access Point and the RADIUS Server while authenticating the supplicant Restricting Wireless Access by MAC Address To restrict access based on MAC addresses use the following steps 1 Connect to the WAG302v2 by entering the IP address of the WAG302v 2 into the address field of your Web browser Basic Installation and Configuration 2 21 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual 2 From the Security menu click the Access Control link to display the Access Control menu shown in Figure 2 9 Security Profile Settings 11a Security Profile Settings 11b g Radius Server Settings Access Control 11a Access Control 11b g Access Control 11a Access Control 11b g Turn Access Control On C Turn Access Control On Select Access Control Database Local MAC Addie Select Access Control Database Trusted Wireless Stations Trusted Wireless Stations MAC Address C MAC Address 00 04 23 79 11 a9 n Available Wireless Stations Available Wireless Stations 2 Station i MAC Address Station Mac Address ID ID iI f 00 04 23 79 6a b2 Add Add New Station Manually Add New Station Manually MAC Sduress Lt MAC Address F E A
75. ibes the interface naming conventions for the WAG302v 2 A Warning The CLI uses specific interface names the Web UI does not use Many get and set commands require that you enter interface names Note Use the get interface command to display common information on all interfaces including IP addresses Table C 2 Interface Naming Convention Interface Description brvlan1 The Internal bridge represents the internal interface for the access point To Telnet or SSH into the access point use the IP address for this interface The brvlan1 interface consists of e ethO or vlan lt vlanid gt if you have VLANs configured e wlan0 e wlan1 for the second radio brtrunk Internal bridge trunk interface Command Line Reference C 3 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table C 2 Interface Naming Convention continued Interface Description lo Local loopback for data meant for the access point itself ethO The Ethernet interface connected to the Internal network vian1 The VLAN interface associated with the default security profile wlanO The default security profile for the Internal network on radio 1 wlan1 The default security profile for the Internal network on radio 2 wlanOvapx The wireless interface for the x security profile on radio 1 wlan1vapx The wireless interface for the x security prof
76. ile on radio 2 wlanOwdsx A wireless distribution system WDS interface on radio 1 where x indicates the number of the WDS link The WDS interface allows you to configure wireless bridging and repeating wlaniwdsx A wireless distribution system WDS interface on radio 2 where x indicates the number of the WDS link The WDS interface allows you to configure wireless bridging and repeating Note The commands and examples in this appendix use radio 1 To configure and view information about the second radio replace the wlanO portion of the interface name with wlanl Use the command get radio all to view information about the radios on the WAG302v2 Entering CLI Commands This section describes how to use CLI commands to configure the access point and how to view system settings and information Table C 3 shows the commands available at the blank CLI prompt You can type TAB twice to display the list of commands After you enter the command press the TAB key twice to display a list of available keywords and variables Table C 3 Commands at the Blank Prompt Command Description get Gets the property values of existing instances of a class set Sets the property values of existing instances of a class add Adds a new instance or group of instances of a class remove Removes an existing instance of a class C 4 Command Line Reference v1 0 May 2006 NETGEAR ProSafe Dual Band Wirele
77. ion features of your ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 To get to these features connect to the WAG302v2 as described in Logging in to the WAG302v2 Using Its Default IP Address on page 2 7 Changing the Administrator Password The default password is password NETGEAR recommends that you change this password to a more secure password You cannot change the administrator login name To change the default password 1 From the WAG302v2 main menu click Change Password to go to the menu shown below 2 First enter the old password and then enter the new password twice to change the password 3 Click Apply to save your change Change Password Remote Manage Upgrade Firmwi BackupMestore Reboot AP Change Password Current Password New Password Repeat New Password Restore Default Password O Yes No Figure 3 1 Management and Information 3 1 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Remote Management To access the Remote Management screen 1 Enter the LAN address of the WAG302v 2 into the address field of your browser 2 After you log in click Remote Management under Management on the main menu Change Password Remote Management atl Remote Management Backup GTT Remote Console Secure Shell SSH Enable Disable SNMP Enable Disable Public Community Name public Private Community Name p
78. is connected to a wired network and a set of wireless stations it is referred to as a Basic Service Set BSS The Basic Service Set Identifier BSSID is a 32 character unique identifier attached to the header of packets sent over a WLAN that differentiates one WLAN from another when a mobile device tries to connect to the network DHCP Client and Server Support DHCP provides a dynamic IP address to PCs and other devices upon request The WAG302v 2 can obtain network information from a DHCP server on your network The AP can also act as a DHCP server and provide network information for wireless clients SNMP Support Support for Simple Network Management Protocol SNMP Management Information Base MIB management WAG302v2 Key Features The WAG302v2 provides solid functionality including these features Multiple Operating Modes Wireless Access Point Operates as a standard 802 11a and 802 11b g wireless access point Point to Point Bridge In this mode the WAG302v2 only communicates with another bridge mode wireless station Point to Multi Point Bridge In this mode the WAG302v 2 acts as the master for a group of bridge mode wireless stations The other bridge mode wireless stations send all traffic to this master and do not communicate directly with each other Wireless Repeater In this mode the WAG302v 2 operates as both a wireless access point and a wireless bridge Rogue Access Point Detection
79. ke any further changes After the configuration changes are applied the main Security Profile page displays 6 Ifthe Security Profile you configured is not already enabled click the Enable check box associated with the Security Profile and then click Apply By default only the first Security Profile default name NETGEAR is enabled To disable this Security Profile you must disable the radio on the Wireless Settings page 2 14 Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Selected Security Profile Security Profile Settings 11a Security Profile Settings 11b g Security Profile Settings 11bi g Security Profiles Profile Name SSID Security VLAN Enable NETGEAR nglan Open System SSID nglan Security Open System w NETGEAR 1_11a NETGEAR 2 NETGEAR 2_11a Open System 1 NETGEAR 3 NETGEAR 3_11a Open System 1 NETGEAR 4 NETGEAR 4_11a Open System 1 Open System NETGEAR 1 NETGEAR 1_119 Open System NETGEAR 2 NETGEAR 2_1 1g Open System NETGEAR 3 NETGEAR 3_11g9 Open System NETGEAR 4 NETGEAR 4_1 1g Open System NETGEAR 5 NETGEAR 5_11a Open System 1 NETGEAR 5 NETGEAR 5_1 1g Open System NETGEAR 6 NETGEAR 6_11a Open System 1 NETGEAR 6 NETGEAR 6_1 1g Open System NETGEAR 7 NETGEAR 7_11g Open System 0 0 0 0 0 0
80. l rer herved at utstyret Radiolan er i samsvar med de Norwegian grunnleggende krav og vrige relevante krav i direktiv 1999 5 EF Polski Polish Niniejszym NETGEAR Inc o wiadcza e Radiolan jest zgodny z zasadniczymi wymogami oraz pozosta ymi stosownymi postanowieniami Dyrektywy 1999 5 EC Portugu s NETGEAR Inc declara que este Radiolan est conforme com os requisitos essenciais Portuguese e outras disposi es da Directiva 1999 5 CE Slovensko NETGEAR Inc izjavlja da je ta Radiolan v skladu z bistvenimi zahtevami in ostalimi Slovenian relevantnimi dolo ili direktive 1999 5 ES Slovensky NETGEAR Inc t mto vyhlasuje _e Radiolan sp a z kladn po_iadavky a v etky Slovak pr slu n ustanovenia Smernice 1999 5 ES Suomi Finnish NETGEAR Inc vakuuttaa t ten ett Radiolan tyyppinen laite on direktiivin 1999 5 EY oleellisten vaatimusten ja sit koskevien direktiivin muiden ehtojen mukainen Svenska Swedish H rmed intygar NETGEAR Inc att denna Radiolan st r verensst mmelse med de v sentliga egenskapskrav och vriga relevanta best mmelser som framg r av direktiv 1999 5 EG Countries of Operation amp Conditions of Use in the European Community This device is intended to be operated in all countries of the European Community Requirements for indoor vs outdoor operation license requirements and allowed channels of operation apply in some countries as described below
81. n Union 1999 5 EC This equipment meets the following conformance standards EN300 328 EN301 489 17 EN60950 Europe Declaration of Conformity in Languages of the European Community Eesky Czech NETGEAR Inc timto prohlaSuje _e tento Radiolan je ve shod se zakladnimi po_adavky a dal mi p slu n mi ustanoven mi sm rnice 1999 5 ES Dansk Danish Undertegnede NETGEAR Inc erkl rer herved at f lgende udstyr Radiolan overholder de v sentlige krav og vrige relevante krav i direktiv 1999 5 EF Deutsch Hiermit erkl rt NETGEAR Inc dass sich das Ger t Radiolan in bereinstimmung mit German den grundlegenden Anforderungen und den brigen einschl gigen Bestimmungen der Richtlinie 1999 5 EG befindet Eesti K esolevaga kinnitab NETGEAR Inc seadme Radiolan vastavust direktiivi 1999 5 EU Estonian p hin uetele ja nimetatud direktiivist tulenevatele teistele asjakohastele s tetele English Hereby NETGEAR Inc declares that this Radiolan is in compliance with the essential requirements and other relevant provisions of Directive 1999 5 EC Espa ol Por medio de la presente NETGEAR Inc declara que el Radiolan cumple con los Spanish requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999 5 CE A ci P ME THN MAPOYZA NETGEAR Inc AHAQNE OTI Radiolan 2YMMOP ONETAI Greek MPO TI OYZIOAEIZ ANAITHZEIZ KAI TI2 AOINE ZXETIKEZ AI
82. ng NETGEAR products work with the WAG302v2 Wireless Access Point WAG511 ProSafe 108 Mbps Dual Band PC Card Introduction 1 3 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual WAG311 ProSafe 108 Mbps Dual Band PCI Card WG311T 802 11g 108 Mbps Wireless PCI Card WG511T 802 11g 108 Mbps Wireless CardBus Adapter WG511 802 11g 54 Mbps Wireless CardBus Adapter WGI111 801 11g 54 Mbps Wireless USB 2 0 Adapter What s In the Box The product package should contain the following items ProSafe 802 11la g Dual Band Wireless Access Point WAG302v2 Power adapter and cord Straight through Category 5 Ethernet cable Resource CD for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Support Registration card Contact your reseller or customer support in your area if there are any missing or damaged parts See the Support Information card for the telephone number of customer support in your area You should keep the Support Information card along with the original packing materials and use the packing materials to repack the WAG302v 2 if you need to return it for repair To qualify for product updates and product warranty registrations we encourage you to register on the NETGEAR Web site at http www NETGEAR com Introduction v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Hardware Description This section describes the W
83. ng features on the back of the WAG302v2 1 5 GHz detachable antenna The 5 GHz antenna supports clients that use the 802 11a radio The WAG302v2 will not function properly if the 5 GHz antenna is not attached to the correct port The antenna frequency is labeled near its base 2 2 4 GHz detachable antenna The 2 4 GHz antenna supports clients that use the 802 11b g radio The WAG302v2 will not function properly if the 2 4 GHz antenna is not attached to the correct port The antenna frequency is labeled near its base Reset button This restores the default factory settings 4 Serial Console Port Use the male DB 9 serial port for serial DTE connections RJ 45 Ethernet LAN POE Port Use the WAG302v2 Ethernet RJ 45 port to connect to an Ethernet LAN through a device such as a hub switch router or Power Over Ethernet POE switch 6 Power socket This connects to the WAG302v2 power adapter 1 6 Introduction v1 0 May 2006 Chapter 2 Basic Installation and Configuration This chapter describes how to set up your ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 for wireless connectivity to your LAN This basic configuration enables computers with 802 11a or 802 11b g wireless adapters to do such things as connect to the Internet or access printers and files on your LAN ____ Note Indoors computers can connect over 802 11a b g wireless networks at ranges of several hundred feet or more This distance can allow other
84. nited Kingdom bs Fri May 12 02 28 45 2006 eEnable Disable Current Time NTP Server Use Custom NTP Server Hostname IPAddress L 2 Enter the Basic Default Settings The Basic Settings default settings below work for most users and situations Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual e Access Point Name This unique name is the access point NetBIOS name The default Access Point Name is on the bottom label of the WAG302v2 The default name is netgearxxxxxx where xxxxxx represents the last six hexadecimal digits of the WAG302v2 MAC address You can change the name to a unique name up to 15 characters long e Country Region This is the region where the WAG302v can be used It may not be legal to operate the wireless features of the wireless access point in a region other than one of those identified in this field For products sold in the United States the default country domain is preset For products sold outside of the United States you must select a country or region e DHCP Client By default the Dynamic Host Configuration Protocol DHCP client is disabled If you have a DHCP server on your LAN and you enable DHCP the wireless access point get its IP address subnet mask and default gateway settings automatically from the DHCP server on your network when you connect the WAG302v2 to your LAN Note To connect
85. nsing Ethernet Connection with Auto Uplink Interface Connects to 10 100 Mbps IEEE 802 3 Ethernet networks LED Indicators Power Test LAN speed LAN activity and wireless activity are easily identified Wireless Virtual LAN VLAN Support VLANs enable a network of computers to behave as if they are connected to the same network even though they might actually be physically located on different segments of a LAN VLANs are configured through software rather than hardware which makes them extremely flexible VLANs are very useful for user host management bandwidth allocation and resource optimization Wireless Multimedia WMM Support WMM is a subset of the 802 11e standard WMM allows wireless traffic to have a range of priorities depending on the kind of data Time dependent information like video or audio has a higher priority than normal traffic For WMM to function correctly Wireless clients must also support WMM Quality of Service QoS Support You can configure parameters that affect traffic flowing from the access point to the client station and traffic flowing from the client station to the access point The QoS feature allows you to prioritize traffic such as voice and video traffic so that packets do not get dropped Compatible and Related NETGEAR Products For a list of compatible products from other manufacturers see the Wireless Ethernet Compatibility Alliance Web site WECA http Avww wi fi net The followi
86. o when you configure the client use the SSH1 3DES option If you use the Telnet client to connect over the Ethernet port use the IP address of the WAG302v2 as the host name Accessing the CLI by Using the Console Port 1 Using a null modem cable connect a VT100 ANSI terminal or a workstation to the port labeled Console If you attached a PC Apple Macintosh or UNIX workstation start a secure terminal emulation program Configure the terminal emulation program to use the following settings e Baud rate 9600 bps e Data bits 8 e Parity none e Stop bit 1 e Flow control none These settings appear below the connector on the back panel Press Enter and a screen similar to the one in Figure 3 3 should appear Tera Term COM1 VT File Edit Setup Control Window Help etgear112406 login admin Password Enter help for help etgearii12400H Jf Figure 3 3 The the login name and password The login name is admin and password is the default password Management and Information 3 3 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual After a successful login the screen should show the command prompt which is the name of the access point by default In this example the prompt is netgear 12400 Press Tab two times Tab Tab to display the CLI command help CLI Commands The CLI commands that correspond to the Web interface are explained in App
87. onfigure security profiles on the 802 11a and 802 11b g radios are the same Basic Installation and Configuration 2 13 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Use the following steps to configure a Security Profile 1 Connect to the WAG302v 2 In the address field of your Web browser enter the default LAN address of http 192 168 0 230 Log in with the user name of admin and default password of password or log in by using the LAN address and password that you configured 2 Inthe Security menu click Security Profile Settings Note If you are using a RADIUS Server configure the RADIUS settings first as described in Configuring the RADIUS Server Settings on page 2 20 The Security Profile Settings page appears and displays the current settings for the eight Security Profiles 3 Select the Security Profile to configure and click Edit The Security Profile Configuration page appears as shown below in Figure 2 7 4 Enter the settings for the Security Profile which are described on the following page To update the settings click Apply ____ Note If you use a wireless computer to configure Security Profile settings and if your computer uses the Security Profile that you change you will be disconnected when you click Apply Reconfigure your wireless adapter to match the new settings or access the wireless access point from a wired computer to ma
88. onfiguring Wireless LAN Parameters Figure 4 3 shows the Wireless LAN Parameters section on the Advanced Wireless Settings page For most networks the default Advanced Wireless LAN Parameter settings work well IP Settings Hotspot Settings Wireless Settings 11a Wireless Settings 11b g tiie Advanced Wireless Settings 11a Access Poin Advanced Wireless Settings 11b g Wireless LAN Parameters Enable SuperG Mode Wireless LAN Parameters Enable SuperA Mode RTS Threshold 0 2347 RTS Threshold 0 2347 Fragmentation Length 256 2346 Fragmentation Length 256 2346 Beacon Interval 20 1000 Beacon Interval 20 1000 ms DTIM Interval 1 255 DTIM Interval 1 255 Preamble Type Modify QoS queue parameters ay ja i Modify QoS queue parameters Enable Wi Fi Multimedia WMM Oves no Enable SpectraLink Enable Wi Fi Multimedia WMM No Enable SpectraLink Yes No AP EDCA parameters AP EDCA parameters Station EDCA parameters Station EDCA parameters Figure 4 3 4 4 Advanced Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table 4 1 describes the Advanced Wireless Parameters Table 4 1 Advanced Wireless LAN Parameters Field De
89. onnected to any of the three WLAN segments Note You can extend this repeating by adding up to two more WAG302v2s configured in repeater mode However since repeaters communicate in half duplex mode the bandwidth decreases as you add repeaters to the network Also you can extend the range of the wireless network with NETGEAR wireless antenna accessories Advanced Configuration 4 13 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual 4 14 Advanced Configuration v1 0 May 2006 Chapter 5 Troubleshooting This chapter provides information about troubleshooting your ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 After each problem description instructions are given to help you diagnose and solve the problem For the common problems listed go to the section indicated Is the WAG302v2 on Go to Front Panel on page 1 5 Have I connected the wireless access point correctly Go to Installing the WAG302v2 Wireless Access Point on page 2 3 I cannot remember the wireless access point s configuration password Go to Viewing the Activity Log on page 3 9 If you have trouble setting up your WAG302v 2 check the tips below No lights are lit on the access point It takes a few seconds for the power indicator to light up Wait a minute and check the power light status on the access point If the access point has no power Make sure the power
90. ork discovery feature of some products e Wireless Mode Select one of the following wireless operating modes for the 802 11b g radio Auto Both 802 11b and 802 11g wireless stations can be used 802 11b only 802 11b wireless stations can be used The 802 11a mode is the only option available for the 802 11a radio e Channel Frequency This field sets the operating frequency to use You should not need to change the channel unless you notice interference problems or if you are setting up the WAG302v2 near another access point The wireless channel range for the 802 11b g radio is 1 to 11 for USA and Canada and 1 to 13 for Europe and Australia The default is channel 11 There are 13 channels available for the 802 11a radio The default is channel 52 Access points use a fixed channel You can select the channel to provide the least interference and best performance In the USA and Canada 11 channels are available on the 802 11b g radio Ifyou use multiple access points it is better if adjacent access points use different channels to reduce interference The recommended channel spacing between adjacent access points is five channels for the 802 11b g radio for example use channels 1 and 6 or 6 and 11 and eight channels for the 802 11a radio for example use channels 36 and 44 or channels 44 and 52 In Infrastructure mode wireless stations normally scan all channels looking for an access point If more
91. ort Number 1812 Shared Secret Primary Accounting Server IP Address hE ke kG Port Number 1813 Shared Secret Secondary Accounting Server IP Address o j E E Port Number EE Shared Secret Figure 2 8 2 20 Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual The following list describes the RADIUS Server Settings Authentication Server Configuration This configuration is required for authentication and access control using a RADIUS Server The IP Address Port Number and Shared Secret are required for communication with the RADIUS Server You can configure a Secondary RADIUS Server to use if the Primary RADIUS Server fails IP Address The IP address of the RADIUS Server The default is 0 0 0 0 Port Number The port number of the RADIUS Server The default is 1812 Shared Secret This is shared between the Wireless Access Point and the RADIUS Server while authenticating the supplicant wireless client The shared secret can contain up to 63 standard alphanumeric and special characters The shared secret is case sensitive Accounting Server Configuration This configuration is required for accounting using a RADIUS Server The IP Address Port Number and Shared Secret are required for communication with the RADIUS Server You can configure a Secondary RADIUS Server to use if the Primary RADIUS Server fails IP Address The IP address of t
92. pter link at the top right of any page in the chapter you want to print The PDF version of the chapter you were viewing opens in a browser window Click the print icon in the upper left of the window Q Tip If your printer supports printing two pages on a single sheet of paper you can save paper and printer ink by selecting this feature Printing the Full Manual Use the Complete PDF Manual link at the top left of any page Click the Complete PDF Manual link at the top left of any page in the manual The PDF version of the complete manual opens in a browser window Click the print icon in the upper left of the window Q Tip If your printer supports printing two pages on a single sheet of paper you can save paper and printer ink by selecting this feature v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual xvi v1 0 May 2006 Chapter 1 Introduction This chapter introduces the NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2is the basic building block of a wireless LAN infrastructure It provides connectivity between Ethernet wired networks and radio equipped wireless notebook systems desktop systems print servers and other devices The wireless access point provides wireless connectivity within about a 300 foot radius The wireless access point can support up to 40 users simultaneously The WAG302v2 acts as a bridge between th
93. re the same but the values are different The 802 11a and 802 11b g radios operate on different channels and frequencies and have different data rates 2 10 Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Basic Settings Wireless Settings 11a Wireless Settings 11b g Wireless Settings 11a Wireless Settings 11b g Wireless LAN M Turn Radio On Wireless Network Name SSID NETGEAR 11g Wireless LAN v Turn Radio On Wireless Network Name SSID NETGEAR_11al i Broadcast Wireless Network Name SSID yes O No Broadcast Wireless Network Name SSID Yes O No Wireless Mode Wireless Mode Auto t 1 1 1b v Channel Frequency 52 5 260GHz vi Channel Frequency 11 2 462GHz y Data Rate Best v Data Rate Best v Output Power Full v Output Power Full Figure 2 6 The Wireless Settings page options are discussed below e Turn Radio On On by default you can also turn off the radio to disable access through this device This can be helpful for configuration network tuning or troubleshooting activities e Wireless Network Name SSID The SSID is also known as the wireless network name Enter a value of up to 32 alphanumeric characters In a setting where there is more than one wireless network different wireless network names provide a means for separating the traffic Any device you want to pa
94. rivate Community Name for Traps IP Address to Receive Traps 0 Oo FN a J0 Figure 3 2 3 Enter the Remote Management information e Secure Shell SSH If set to Enable the Wireless Access Point will only allow remote access via Secure Shell and Secure Telnet The default is Enable e SNMP Enable SNMP to allow the SNMP network management software such as HP OpenView to manage the wireless access point via SNMPv1 v2 protocol e Public Community Name The community string to allow the SNMP manager to read the wireless access point s MIB objects The default is public e Private Community Name The community string to allow the SNMP manager to read and write the wireless access point s MIB objects The default is private e Community Name for Traps The community string associated with the IP address to Receive Traps There is no default value e IP address to Receive Traps The IP address of the SNMP manager to receive traps sent from the wireless access point The default is 0 0 0 0 4 Click Apply to save your settings 3 2 Management and Information v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Using the Secure Telnet Interface The WAG302v 2 includes a secure Telnet command line interface CLI You can access the CLI from a secure Telnet client over the Ethernet port or over the serial console port __ Note You must use a secure Telnet client such as PuTTY Als
95. rticipate in a particular wireless network will need to use the SSID The WAG302v2 default SSID is NETGEAR_ 11g for the 802 11b g radio and NETGEAR _ 11a for the 802 11a radio The following list contains additional information about SSIDs A group of Wireless Stations and a single access point all using the same ID SSID form a Basic Service Set BSS Using the same SSID is essential Devices with different SSIDs are unable to communicate with each other However some access points allow connections from wireless stations which have their SSID set to any or whose SSID is blank null A group of wireless stations and multiple access points all using the same ID ESSID form an Extended Service Set ESS Different access points within an ESS can use different channels To reduce interference it is recommended that adjacent access points should use different channels Basic Installation and Configuration 2 11 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual As wireless stations physically move through the area covered by an ESS they will automatically change to the access point which has the least interference or best performance This capability is called roaming e Broadcast Wireless Network Name SSID The default is Yes If you choose No then only stations that know the SSID can connect Disabling the SSID broadcast might interfere with the wireless netw
96. s The default ending IP address is 192 168 0 50 Subnet Mask Enter a subnet mask for the DHCP server on the Access Point to assign wireless clients The default subnet mask is 255 255 255 0 Gateway Address Enter a Gateway Address for the DHCP server on the Access Point to assign wireless clients The wireless clients will use this IP address as the default gateway for any traffic beyond the local network By default the gateway address is the IP address of the WAG302v2 Primary DNS Server Enter a Primary DNS Server IP address for the DHCP server on the Access Point to assign wireless clients By default the DNS server address is the IP address of the WAG302v2 The WAG302v2 relays requests from wireless clients to the DNS server configured on the Basic Settings page Secondary DNS Server Enter a Secondary DNS Server IP address for the DHCP server on the Access Point to assign wireless clients There is no default server Primary WINS Server Enter a Primary WINS Server IP address for the DHCP server on the Access Point to assign wireless clients There is no default server 4 2 Advanced Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual e Secondary WINS Server Enter a Secondary WINS Server IP address for the DHCP server on the Access Point to assign wireless clients There is no default server e Lease Enter a lease time in days hours and minutes The wireless client
97. s outside your area to access your network It is important to take appropriate steps to secure your network from unauthorized access The WAG302v2 Wireless Access Point provides highly effective security features which are covered in detail on the NETGEAR Web site For more information see Appendix A Related Documents Deploy the security features appropriate to your needs You need to prepare the following three things before you can establish a connection through your wireless access point e A location for the WAG302v 2 that conforms to the Wireless Equipment Placement and Range Guidelines described in this chapter e A wired connection from the WAG302v2 to your LAN through a device such as a hub switch router or Cable DSL gateway e One or more computers with properly configured 802 11a or 802 11b g wireless adapters System Requirements Before you install the WAG302v2 make sure you have the following equipment and that your system meets these requirements e A 10 100 Mbps Local Area Network device such as a hub or switch e The Category 5 UTP straight through Ethernet cable with RJ 45 connector included in the package or one like it e A 100 240 V 50 60 HZ AC power source Basic Installation and Configuration 2 1 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual e A Web browser for configuration such as Microsoft Internet Explorer 6 0 or above or Net
98. scape Navigator 4 78 or above e At least one computer with the TCP IP protocol installed e 802 11a 802 11g or 802 11b compliant devices such as the NETGEAR WG511 Wireless Adapter The WAG302v2 can connect to you LAN via twisted pair Category 5 Ethernet cable with RJ 45 connectors The LAN interface is autosensing and capable of full duplex or half duplex operation The wireless access point uses Auto Uplink technology The Ethernet port automatically senses whether the Ethernet cable plugged into the port should have a normal connection such as to a computer or an uplink connection such as to a switch or hub That port will then configure itself correctly This feature eliminates any concerns about crossover cables as Auto Uplink will accommodate either type of cable to make the right connection Wireless Equipment Placement and Range Guidelines The range of your wireless connection can vary significantly based on the location of the wireless access point The latency data throughput performance and notebook power consumption of wireless adapters also vary depending on your configuration choices Note Failure to follow these guidelines can result in significant performance degradation or inability to wirelessly connect to the WAG302v2 For complete performance y y p p specifications see Specifications for the WAG302v2 in Appendix B For best results place your wireless access point e
99. scription Enable SuperG Mode Click Enable to enable Super G Mode RTS Threshold The packet size used to determine whether the access point should use the CSMA CD Carrier Sense Multiple Access with Collision Detection or the CSMA CA Carrier Sense Multiple Access with Collision Avoidance mechanism for packet transmission Fragmentation Length This is the maximum packet size used for fragmentation Packets larger than the size programmed in this field will be fragmented The Fragment Threshold value must be larger than the RTS Threshold value Beacon Interval Specifies the data beacon rate which is between 20 and 1004 DTIM Interval The Delivery Traffic Indication Message specifies the data beacon rate which is between 1 and 255 Preamble Type A long transmit preamble may provide a more reliable connection or slightly longer range A short transmit preamble gives better performance Auto is the default Modifying QoS Queue Parameters Figure 4 3 shows the Quality of Service QoS queue section on the Advanced Wireless Settings page For most networks the default QoS queue parameter settings work well Quality of Service provides you with the ability to specify parameters on multiple queues for increased throughput and better performance of differentiated wireless traffic like Voice over IP VoIP other types of audio video and streaming media as well as traditional IP data The QoS options on the WAG302v
100. ss Access Point WAG302v2 Reference Manual Table C 3 Commands at the Blank Prompt continued Command Description config Uploads or downloads the running configuration firmware upgrade Upgrades the firmware save running Saves the running configuration as the startup configuration reboot Restarts the access point a soft reboot factory reset Resets the AP to factory defaults and reboots i Warning Settings updated from the CLI with get set add and remove commands will not be saved to the startup configuration unless you explicitly save them by issuing the save running command The get set add and remove commands are followed by one or more keywords and might be followed by one or more optional or required name value pairs You can use CLI commands to view or configure most of the features that you can view and configure by using the Web UI Note CLI commands are not available to merge import and export the known AP list for Rogue AP detection feature Additionally you cannot set the channel or frequency by using the CLI Using the CLI to Configure the WAG302v2 Wireless Access Point This section describes the commands you use to view and configure the WAG302v2 The CLI commands correspond to tasks you can accomplish by using the Web based user interface UI In some cases the CLI get command provides additional details not a
101. ss Point Default Configuration Settings Feature Description Untagged Packet and VLAN Mapping Disabled Untagged VLAN ID 1 Time Zone GMT Time Zone Adjusted for Daylight Saving Disabled Time Wireless Settings Wireless Communication Radio Enabled 802 11a Network Name SSID NETGEAR_11a 802 11g Network Name SSID NETGEAR_11g Broadcast SSID Enabled 802 11a Radio Frequency Channel Channel 52 802 11g Radio Frequency Channel Channel 11 Data Rate Auto Output Power Full Security Profile Settings Profile Name NETGEAR SSID 802 11a NETGEAR_11a SSID 802 11b g NETGEAR_11g Security Open System VLAN ID 1 Status Enabled all other security profiles are disabled Radius Server Seitings Authentication Server IP Address 0 0 0 0 Authentication Server Port 1812 Accounting Server IP Address 0 0 0 0 Accounting Server Port 1813 B 2 Specifications v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table B 1 Access Point Default Configuration Settings Feature Description Remote Management SSH Enabled SNMP Enabled Public Community Name public Private Community Name private Community Name for Traps NETGEAR WAG302v2 IP Address to Receive Traps 0 0 0 0 DHCP Server Seitings DHCP Server Disabled Starting IP Address 192 168 0 2 Ending IP Address 192 168 0 50
102. status down Repeating View the Local MAC Address for get interface wlanOwds0O mac the Wireless Bridge or Repeater Set the Remote MAC Address 1 set interface wlan0wds0 remote mac lt remote_MAC_address gt Set the Remote MAC Address 2 set interface wlanOwdsl remote mac lt remote_MAC_address gt Set the Remote MAC Address 3 set interface wlanOwds2 remote mac lt remote_MAC_address gt Set the Remote MAC Address 4 set interface wlanOwds3 remote mac lt remote_MAC_address gt Command Line Reference v1 0 May 2006 C 19 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual C 20 Command Line Reference v1 0 May 2006
103. tart over at a blank command prompt abandons the input on the current line Ctrl h Remove one character on the current line Backspace Ctrl w Remove the last word in the current command Clears one word at a time from the current command line always starting with the last word on the line C 2 Command Line Reference v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table C 1 Keyboard Shortcuts continued Up Arrow key Keyboard Shortcut Action on CLI Ctrl k Remove characters starting from cursor location to end of the current line Clears the current line from the cursor forward Ctrl u Remove all characters before the cursor Clears the current line from the cursor back to the CLI prompt Ctrl p Display previous command in history Ctrl p and Ctrl n let you cycle through a history of all executed commands like Up and Down arrow keys typically do Up Down arrow keys also work for this Ctrl n Down Arrow key Display next command in history Ctrl p and Ctrl n let you cycle through a history of all executed commands like Up and Down arrow keys typically do Up Down arrow keys also work for this Ctrl d Exit the CLI At a blank command prompt typing Ctrl d closes the CLI Typing Ctrl d within command text also removes characters one at a time at cursor location like Ctrl h Interface Naming Conventions Table C 2 descr
104. te MAC Address 4 Remote MAC Address 4 Figure 4 4 4 8 Advanced Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Point to Point Bridge Configuration In Point to Point Bridge mode the WAG302v2 communicates with another bridge mode wireless station In addition you can enable client associations with this WAG302v2 You must enter the MAC address of the other bridge mode wireless station in the field provided Use wireless security to protect this communication The figure below shows an example of Point to Point Bridge mode Both APs are in Point to Point Bridge mode Hub or Switch Internet E A 192 168 LAN sedint i di Segment j Figure 4 5 The following steps describe how to set up the Point to Point Bridge configuration in Figure 4 5 1 Configure the WAG302v2 AP 1 on LAN Segment 1 in Point to Point Bridge mode 2 Configure the other access point AP 2 on LAN Segment 2 in Point to Point Bridge mode AP 1 must have AP 2 s MAC address in its Remote MAC Address field and AP 2 must have AP 1 s MAC address in its Remote MAC Address field 3 Configure and verify the following for both access points e Verify the LAN network configuration of the access points Both APs must be configured to operate in the same LAN network address range as the LAN devices e Both APs must use the same SSID Channel authentication mode if any and se
105. ted Standards and Conventions 2 cccccccceeeeeeeeccneceeceeeeeeeeeeeeeeeeeeseneaeens 1 1 WAG Q02V2 Key FPRRHIIES ccciciuerssrecsursceierausescvecau renin e tacaneneatasstuciacissaauts 1 2 Compatible and Related NETGEAR Products cceceeeeeeeeceeceeeeeeeeeeeeeeeeeeeenes 1 3 Wars We BOR sooateeciuserdaccai adnan use Oe eae 1 4 Hardware eSoriptin scccssccissccchsccstincahuermiamianeioas muda adoiira baokis 1 5 Pron ea 2d o a a a CMI es emeP Tt 1 5 Rer PANS dadua seats nie ce eon eeata 1 6 Chapter 2 Basic Installation and Configuration System REQUINOMGINS cccccccssccstsasnserscsacqueectonssmueescsvsniuecessiacescsesttemeatace sieiiwenss ramentamenaguers 2 1 Wireless Equipment Placement and Range Guidelines ccccceeeeeeeeeeeeeecaeeeeeeeeees 2 2 Installing the WAG302v2 Wireless Access Point ccc eersceeeeeerseeeeseeensneeseetenseneee 2 3 Logging in to the WAG302v2 Using Its Default IP Address ceeceeeeeeeeteteeeeeeeneees 2 7 Sr a e a cra cs EE EET EE ty a ar ancora tiated ashen T vata eae an de 2 8 Wireless Settings cc cccssecessressertscveaiwercedesguueteui TAE 2 10 Understanding WAG302v2 Wireless Security Options cccccceesscceceeessseeeeeeeneeees 2 13 Coniguing Security Pros sccensaneniuntieunn n cacbeesndeaenedoneeunaeneie 2 13 Prole DSTO sc csscaaedvnssissabullecatiawiis is ust edocs oni nied anaie ani EEEE 2 16 Network AUtMEnticatio siiras eaa aaa aa aa adao aad 2 16
106. than one access point can be used the one with the strongest signal is used This can only happen when the access points use the same SSID To learn more about wireless channels see Appendix A Related Documents for information about online resources e Data Rate Shows the available transmit data rate of the wireless network The default is Best e Output Power Set the transmit signal strength of the access point AP The options are Full Half Quarter Eighth and Min Decrease the transmit power if two or more APs are close together and use the same channel frequency The default is Full 2 12 Basic Installation and Configuration v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Understanding WAG302v2 Wireless Security Options Your wireless data transmissions can be received well beyond your walls by anyone with a compatible adapter For this reason use the security features of your wireless equipment The WAG302v2 Wireless Access Point provides highly effective security features which are covered in detail in this chapter Deploy the security features appropriate to your needs There are several ways you can enhance the security of your wireless network e Restrict Access Based on MAC address You can restrict access to only trusted PCs so that unknown PCs cannot wirelessly connect to the WAG302v2 MAC address filtering adds an obstacle against unwanted access to your network
107. the LANs e A computer on any LAN segment should be able to connect to the Internet or share files and printers with any other PCs or servers connected to any of the three LAN segments e Wireless stations will not be able to connect to the WAG302v2 Wireless Access Points in Figure 4 6 If you require wireless stations to access any LAN segment you can use additional WAG302v2 Wireless Access Points configured in Wireless Access Point mode to any LAN segment Note You can extend this multi point bridging by adding additional WAG302v2s configured in Point to Point mode for each additional LAN segment Furthermore you can extend the range of the wireless network with NETGEAR wireless antenna accessories Advanced Configuration 4 11 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Repeater with Wireless Client Association In this mode the WAG302v2 Wireless Access Point sends all traffic to the remote AP For repeater mode you must enter the MAC address of the remote parent access point You can also enter the address of the child access point Note that the following restrictions apply e You do not have the option of disabling client associations with this WAG302v2 e You cannot configure a sequence of parent child APs You are limited to only one parent child AP pair The figure below shows an example of a Repeater Mode configuration em Wireless PC
108. tion 3 9 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Viewing the Available Wireless Station List The Available Wireless Station List contains a table of all IP devices associated with the wireless access point for the Wired Network Name SSID From the WAG302v2 main menu under the Information heading click Available Wireless Station List to view the list For each device the Available Wireless Station List table shows the Station ID MAC address IP Address and Status whether the device is allowed to communicate with the wireless access point or not Activity Log Available Wireless Station List StatiWics Rogue AP Detection 11a Rogue AP Detection 11big Figure 3 7 If the wireless access point is rebooted the table data is lost until the wireless access point rediscovers the devices To force the wireless access point to look for associated devices click the Refresh button a Note A wireless network can include multiple wireless access points that use the same network name SSID This extends the reach of the wireless network Users can roam from one access point to another providing seamless network connectivity If this is the case only the stations associated with this access point are shown in the Available Station List 3 10 Management and Information v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual
109. ue gt Example set tx queue wlan0 with queue data2 to burst 0 5 Station EDCA parameters Set AIFS on station to AP traffic aifs lt AIFS_Value gt set wm to Example set wm queue wlan0 with queue lt Queue_Name gt queue wlanO with queue vo to aifs 14 Command Line Reference v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table C 16 Advanced Wireless Settings continued Task Command station to AP traffic Set cwMin and cwMax on set wm queu wlan0O with queue lt Queue_Name gt to cwmin lt cwmin_Value gt cwmax lt cwmax_Value gt Example set wme queue wlan0 with queue vi cwmin 7 cwmax 15 Set TXOP Limit on station s t wme queu to AP traffic to Example set wme queu limit 49 wlan0O with queue lt Queue_Name gt txop limit lt txop limit_Value gt wlan0 with queue vo to txop Advanced Access Point Settings The commands in Table C 17 correspond to the Access Point Settings page on the Web UI under the Advanced heading Table C 17 Advanced Access Point Settings Task Command Enable Wireless Bridging and set interface wlanOwdsO status up Repeating set interface wlan0wds0 radio wlan0o Disable Wireless Bridgingand set interface wlanOwds0O
110. ueue Description Data 0 Voice High priority queue minimum delay Time sensitive data such as VoIP and streaming media are automatically sent to this queue Data 1 Video High priority queue minimum delay Time sensitive video data is automatically sent to this queue Data 2 best effort Medium priority queue medium throughput and delay Most traditional IP data is sent to this queue Data 3 Background Lowest priority queue high throughput Bulk data that requires maximum throughput and is not time sensitive is sent to this queue FTP data for example AIFS Arbitration Inter Frame Space Specifies a wait time in milliseconds for data frames Valid values for AIFS are 1 through 255 cwMin Minimum Contention Window Upper limit in milliseconds of a range from which the initial random backoff wait time is determined Valid values for the cwmin are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwMin must be lower than the value for cwMax cwMax Maximum Contention Window Upper limit in milliseconds for the doubling of the random backoff value Valid values for the cwmax are 1 3 7 15 31 63 127 255 511 or 1024 The value for cwMax must be higher than the value for cwMin Max Burst Length Specifies in milliseconds the Maximum Burst Length allowed for packet bursts on the wireless network A packet burst is a collection of multiple fr
111. uthentication to set interface wlan0 security static wep Shared Key Set the Data Encryption to 64 bit set interface wlan0vap0 wep key length 40 WEP Set the Data Encryption to 128 bt set interface wlan0vap0 wep key length 104 WEP Set the Key Type to ASCII set interface wlan0vap0 wep key ascii yes Set the Data Encryption to 152 bt set interface wlan0Ovap0O wep key length 128 WEP Set the Key Type to Hex set interface wlan0vap0 wep key ascii no C 10 Command Line Reference v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table C 9 Security Profile Settings continued Task Command Set the WEP Keys set inter face wlan0 wep key 1 lt key gt Note For 64 bit WEP use 5 ASCII characters or 10 Hex characters For 128 bit WEP use 13 ASCII characters or 26 Hex characters For 152 bit WEP use 32 hexadecimal or 16 ASCII characters Example 64 bit WEP with ASCII set interface wlan0O wep key 1 abcde set interface wlan0 wep key 2 fghi set interface wlan0O wep key 3 klilmno set interface wlanO wep key 4 pqrst Set Network Authentication to set interface wlan0 security dot1x 802 1X Set Network Authentication to set interface wlan0 security wpa personal WPA set bss wlanObssvap0 wpa allowed on set bss wlanObssvap0 wpa2 allowed off Set
112. v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual helpful for viewing basic system information Table C 5 System Information Task Command View hardware information get system View information about all interfaces get interface View information about the 802 11 radio get radio View information about the Security Profiles get vap View DNS settings get host Configuring Basic Settings The commands in Table C 6 correspond to the Basic Settings page on the Web UI Table C 6 Basic Setting s Task Command Set the Access Point Name set host id lt name gt Example set host id LAB AP Example interface brv se 2994290620920 Set the Country Region set system country lt 2_letter_country_code gt Example set system country us Enable the DHCP Client set management dhcp client status up Disable the DHCP Client set management dhcp client status down Set a Static IP Address set interface brvlanl static ip lt ip_address gt Example set interface brvlanl static ip 10 10 12 221 Set a Subnet Mask set interface brvlanl static mask lt netmask gt anl static mask Set the Default Gateway set static ip rout Example set static ip rout gateway lt ip_address gt gateway 10 10 12 1 Command Line Reference v
113. vailable on the Backup Restore Settings page Management and Information 3 5 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Backing up and Restoring the Configuration To save your settings click Backup Your browser extracts the configuration file from the wireless access point and prompts you for a location on your computer to store the file You can give the file a meaningful name at this time such as WAG302v2 xml To restore your settings from a saved configuration file enter the full path to the file on your computer or click the Browse button to locate the file When you have located it click the Restore button to upload the file After completing the upload the WAG302v2 reboots automatically Erasing the Configuration You can erase the wireless access point configurations and return to the factory default settings After you erase the configurations the wireless access point s password will be password the SSID will be NETGEAR the DHCP client will be disabled the default LAN IP address will be 192 168 0 230 and the access point name is reset to the name printed on the label on the bottom of the unit Using the Reset Button to Restore Factory Default Settings If you do not know the login password or IP address you can still restore the factory default configuration settings with the Reset button This button is on the rear panel of the wireless access point see Rear Pan
114. vailable through the Web UI Command Line Reference C 5 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Viewing General Information Table C 4 describes the commands you use to view some of the information that you see on the General page of the Web UI Table C 4 General Information Task Command Access Point Information View Access Point Name get host id View the MAC Address for the Access Point View the Country Region View the Firmware Version for the Access Point get interface brvlanl mac get system country get system version View the Access Point Mode get interface brvlanl type View the Untagged VLAN ID get untagged vlan Current IP Settings View the IP Address View the Subnet Mask get interface brvlanl get interface brvlanl View the Default Gateway IP address get ip route gateway View the DHCP Client status get management dhcp client status Current Wireless Settings View the Operating Mode get radio all mode View the Channel Frequency get radio all channel View whether Rogue AP Detection is enabled get radio all ap detection View information about the Security Profiles get vap all detail The commands in the following table do not correspond to a specific Web page but they can be Command Line Reference
115. wireless capable computer There is a configuration problem Check these items You might not have restarted the computer with the wireless adapter to have TCP IP changes take effect Restart the computer The computer with the wireless adapter may not have the correct TCP IP settings to communicate with the network Restart the computer and check that TCP IP is set up properly for that network The usual setting for Windows the Network Properties is set to Obtain an IP address automatically The access point s default values may not work with your network Check the access point default configuration against the configuration of other devices in your network 5 2 Troubleshooting v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual cannot connect to the WAG302v2 to configure it Check these items e The WAG302v 2 is properly installed LAN connections are OK and it is powered on Check that the LAN port LED is on amber indicating a 10 Mbps Ethernet connection or green indicating a 100 Mbps Ethernet connection to verify that the Ethernet connection is OK e The default configuration of the WAG302v2 is for a static IP address of 192 168 0 230 and a Mask of 255 255 255 0 with DHCP disabled Make sure your network configuration settings are correct e Ifyou are using the NetBIOS name of the WAG302v2 to connect ensure that your computer and the WAG302v2 are on the same n
116. y 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual A 2 Related Documents v1 0 May 2006 Appendix B Specifications This appendix provides default factory settings and technical specifications for the ProSafe 802 11a g Dual Band Wireless Access Point WAG302v2 Default Factory Settings You can use the reset button located on the rear panel of your device to reset all settings to their factory defaults This is called a hard reset To perform a hard reset push and hold the reset button for three seconds Your device will return to the factory configuration settings shown in Table B 1 Table B 1 Access Point Default Configuration Settings Feature Description AP Login User Login URL 192 168 0 230 User Name case sensitive admin Login Password case sensitive password Ethernet Connection Ethernet MAC Address See bottom label Port Speed 10 100 Basic Settings AP Name netgearxxxxxx where xxxxxx are the last six digits of the wireless access point s MAC address Country Region United States in North America otherwise varies by region IP Address 192 168 0 230 Subnet Mask 255 255 255 0 DHCP Client Disabled Spanning Tree Protocol Enabled VLAN 802 1Q Enabled Specifications B 1 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Table B 1 Acce
117. y 3 Key 4 WPA PSK Pre Shared Key WPA2 PSK Pre Shared Key Record the WPA PSK key Record the WPA2 PSK key Key Key WPA RADIUS Settings For WPA record the following settings for the primary and secondary RADIUS servers Server Name IP Address Primary Secondary Port Shared Secret WPA2 RADIUS Settings For WPA2 record the following settings for the primary and secondary RADIUS servers Server Name IP Address Primary Secondary Port Shared Secret Basic Installation and Configuration 2 19 v1 0 May 2006 NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Configuring the RADIUS Server Settings Use the following steps to view or change the RADIUS Server Settings 1 Connect to the WAG302v2 In the address field of your Web browser enter the default LAN address of http 192 168 0 230 Log in with the user name of admin and default password of password or log in by using the LAN address and password that you configured 2 Inthe Security menu click RADIUS Server Settings Enter the settings for the primary RADIUS server and secondary RADIUS server if available and click Apply Security Profile Settings 11a Security Profile Settings 11b g Radius Server Settings ieee Radius Server Settings Access Contr Primary Authentication Server IP Address Oo he kE ke Port Number 1812 Shared Secret Secondary Authentication Server IP Address Oo 0 p lo P
Download Pdf Manuals
Related Search