Planet 802.11g Wireless Access Point / Bridge WAP-4000, User Manual

Page 1: ...802 11g Wireless Access Point Bridge WAP 4000 User s Manual ...

Page 2: ...limits for a Class B digital device pursuant to Part 15 of FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no gua...

Page 3: ...munication terminal Equipment and the mutual recognition of their conformity R TTE The R TTE Directive repeals and replaces in the directive 98 13 EEC Telecommunications Terminal Equipment and Satellite Earth Station Equipment As of April 8 2000 Safety This equipment is designed with the utmost care for the safety of those who install and use it However special attention must be paid to the danger...

Page 4: ...dvanced Settings 11 3 1 6 Security 12 3 1 7 802 1x 13 3 1 8 Tools 15 3 2 CONFIGURE THROUGH 54M AP UTILITY 15 3 2 1 Install 54M AP Utility 15 3 2 2 54M AP Utility configuration 17 CHAPTER 4 802 1X AUTHENTICATION SETUP 23 4 1 802 1X INFRASTRUCTURE 23 4 2 RADIUS SERVER SETUP 24 4 2 1 Required Services 24 4 2 2 Setup Procedure 24 4 3 AUTHENTICATOR SETUP 38 4 4 WIRELESS CLIENT SETUP 39 4 4 1 EAP MD5 Au...

Page 5: ...5 4 MULTIPLE BRIDGE MODE 51 CHAPTER 6 TROUBLESHOOTING 52 ...

Page 6: ...above items are missing contact your supplier as soon as possible 1 2 System Requirements Before installation please check the following requirements with your equipment Pentium Based And Above IBM Compatible PC System CD ROM drive Windows 98 ME 2000 XP Operating System with TCP IP protocol 1 3 Features Wireless LAN IEEE802 11g and IEEE802 11b compliant Strong network security with 802 1X authenti...

Page 7: ...dBm 12 Mbps 86dBm 9 Mbps 89dBm 6 Mbps 90dBm typically PER 8 packet size 1024 and 25ºC 5ºC Operating Mode AP AP Client Bridge Point to Point Point to MultiPoint Security 64 128 bit WEP encryption Password Protect 802 1X security MD5 and TLS MAC Filtering SSID Broadcast Disable function Frequency Band 2 4 GHz 2 484GHz Channel FCC 11 Channels US Canada ETSI 13 Channels Europe TELEC 14 Channels Japan ...

Page 8: ...rove the coverage 2 Environmental factors The wireless network is easily affected by many environmental factors Every environment is unique with different obstacles construction materials weather etc It is hard to determine the exact operating range of WAP 4000 in a specific location without testing 3 Antenna adjustment The bundled antenna of WAP 4000 is adjustable Firstly install the antenna poin...

Page 9: ...ry to place them to a position that can best cover your wireless network The antenna s position will enhance the receiving sensitivity 3 Connect RJ 45 cable to WAP 4000 Connect this WAP 4000 to your LAN switch hub or a single PC 4 Plug in power adapter and connect to power source After power on WAP 4000 will start to operate Note ONLY use the power adapter supplied with the WAP 4000 Otherwise the ...

Page 10: ...w you to monitor and configure via web browser e g MS Internet Explorer or Netscape 1 Open your web browser 2 Enter the IP address of your WAP 4000 in the address field default IP address is http 192 168 1 1 Please note that your PC s IP address should be on the same IP subnet of the WAP 4000 For example you can configure your PC s IP address to 192 168 1 2 if WAP 4000 is with IP 192 168 1 1 3 A U...

Page 11: ...b page Setup Wizard will pop up as below To quick configure WAP 4000 please follow the steps below to complete the configuration Click Next to continue Step 1 Set your new password The default password for administrator login name is admin is admin You can change the Password in this step Click Next Step 2 Set the SSID and Channel ...

Page 12: ...t Step 3 Set Encryption You can enable WEP encryption and set WEP key in this screen Click Next to continue Step 4 Restart Please click the Restart button to save the settings and restart WAP 4000 In the following web page please click Close to close the Setup Wizard window ...

Page 13: ... You can check your WAP 4000 settings and status in this screen You can click the View Log button and then the screen below will appear You can view the logged message here You can also clear or refresh the log record ...

Page 14: ...rk system must be identical for all points Channel The value of channel can be selected from channel 1 to 11 for FCC domain channels 1 to 13 for ETSI domain and 1 to 14 for Japan domain WEP Wired Equivalent Privacy WEP is an encryption scheme used to protect wireless data communication To enable the icon will prevent other stations without the same WEP key from linking with the AP 3 1 4 IP Setting...

Page 15: ...clusive IP address each time it logs on to a network making IP address management an easier job for network administrators When a computer connects to the network the DHCP server selects an IP address from a master list and assigns it to the system The device must set to Obtain the IP address automatically The Wireless Access Point Gateway s DHCP server is disabled by default If you would like to ...

Page 16: ... mode please enter the LAN MAC address of the main WAP 4000 into Remote AP BSS ID field Wireless Bridge This mode connects two physically separated LAN segments by using two WAP 4000s The remote WAP 4000 also needs to be set up as a Wireless Bridge The Remote Bridge MAC field must be filled with the LAN MAC address of the remote WAP 4000 Multiple Bridge This mode allows you to construct a network ...

Page 17: ... and access privileges of roaming network cards You may choose between Open System and Shared Key Open System Open System authentication is the simplest of the available authentication algorithms Essentially it is a null authentication algorithm Any station that requests authentication with this algorithm may become authenticated if Authentication Type at the recipient station is set to Open Syste...

Page 18: ...ers Filter function is for the administrator to authorize who can gain network access through the Access Point by using MAC address filtering By choosing the Allow option only MAC addresses in the Authorization table will be allowed to communicate with the Access Point By choosing the Deny option any MAC address in the table will be denied association with the Access Point You can have up to 50 MA...

Page 19: ...on key RADIUS Server 1 Enter the IP address communicate port number and shared secret key of your primary RADIUS server RADIUS Server 2 Enter the IP address communicate port number and shared secret key of your secondary RADIUS server Note As soon as 802 1X authentication is enabled all the wireless client stations that are connected to the AP currently will be disconnected The wireless clients mu...

Page 20: ...default Firmware Upgrade You can upload the newest firmware of the WAP 4000 You may either enter the file name in the entry field or browse the file by clicking the Browse button 3 2 Configure through 54M AP Utility The 54M AP Utility is provided to configure the WAP 4000 It can be used to configure multiple WAP 4000s at the same time in an easiest way 3 2 1 Install 54M AP Utility 1 Insert the Use...

Page 21: ... can click Browse to specify the Destination Folder that you want to install the utility Or you can keep the default setting and click Next to continue 4 Please click Finish to complete the software installation ...

Page 22: ...ess Apply to save It will show you the dialog box to enter User Name and Password By default the User Name and Password is admin 3 2 2 1 Link Information When the configuration utility starts it will show you the first option Link Information You can view the first Access Point s current setting Note If you have many WAP 4000 all the WAP 4000s will list in Available AP You can select the WAP 4000 ...

Page 23: ...nts can be connected through WAP 4000 Access Point Client A WAP 4000 set to AP Client mode is able to connect to another WAP 4000 functioning in AP mode and wireless client within its range This mode allows your WAP 4000 client to be the wirelessly bridged to the main WAP 4000 When you select this mode please enter the LAN MAC address of the main WAP 4000 into Remote AP BSS ID field Wireless Bridg...

Page 24: ...ion threshold Enter a value between 256 and 2346 If you experience a high packet error rate try to slightly increase your Fragmentation Threshold The value should remain at its default setting of 2346 Setting the Fragmentation Threshold too low may result in poor performance DTIM Interval Specify the Beacon Rate Enter a value between 1 and 255 that specifies the Delivery Traffic Indication Message...

Page 25: ...ssary for communication with devices outside the subnet of the Access Point If your network is not divided onto different subnets this can remain blank DHCP Client If there is a DHCP Server in your LAN you can select DHCP Client to let the WAP 4000 be a client to get an IP address from your DHCP server DHCP Server Enable or disable DHCP server function of WAP 4000 When DHCP server is enabled you c...

Page 26: ...ct number for the key values with different Key Length and coding Hex or ASCII as 64bit 10 Hex digit 5 ASCII 128bit 26 Hex digit 13 ASCII or 256bit 58 Hex digit 29 ASCII please select one of them and enter the key you want to use When Hex is selected you may enter alphanumeric characters in the range of A F a f and 0 9 in the WEP Key entry field Alternatively you may enter digit hexadecimal values...

Page 27: ...the Encryption key RADIUS Server 1 Enter the IP address communicate port number and shared secret key of your primary RADIUS server RADIUS Server 2 Enter the IP address communicate port number and shared secret key of your secondary RADIUS server Note As soon as 802 1X authentication is enabled all the wireless client stations that are connected to the AP currently will be disconnected The wireles...

Page 28: ...der to have access to both Internet and Intranet With 802 1X authentication each of these wireless clients would have to be authenticated by RADIUS server If the client is authorized WAP 4000 would be notified to open up a communication port to be used for the client There are 2 Extensive Authentication Protocol EAP methods supported 1 MD5 and 2 TLS MD5 authentication is simply a validation of exi...

Page 29: ...lled please install Service Pack 2 also and other latest security patch Furthermore the following service components are needed n Active Directory Please consult with your network administrator or an engineer who is familiar with Windows 2000 server to install Active Directory otherwise your system or network might be unstable n IAS Internet Authentication Service n Web Server IIS n Certificate Se...

Page 30: ...d click Next to continue 7 Go to Start Program Administrative Tools Certificate Authority 8 Right click on the Policy Setting select new 9 Select Certificate to Issue 10 Select Authenticated Session and Smartcard Logon by holding down to the Ctrl key and click OK to continue ...

Page 31: ...26 11 Go to Start Program Administrative Tools Active Directory Users and Computers 12 Right click on domain and select Properties to continue 13 Select Group Policy tab and click Properties to continue ...

Page 32: ... 27 14 Go to Computer Configuration Security Settings Public Key Policies 15 Right click Automatic Certificate Request Setting and select New 16 Click Automatic Certificate Request ...

Page 33: ...tomatic Certificate Request Setup 19 Go to Start Run and type command and click Enter to open Command Prompt 20 Type secedit refreshpolicy machine_policy to refresh policy Adding Internet Authentication Service 21 Go to Start Control Panel Add or Remove Programs 22 Select Add Remove Windows Components from the panel on the left 23 Select Internet Authentication Service and click OK to install ...

Page 34: ...Service 25 Right click Client and select New Client 26 Enter the IP address of WAP 4000 in the Client address text field a memorable name for WAP 4000 in the Client Vendor text field the access password used by WAP 4000 in the Shared secret text field Re type the password in the Confirmed shared secret text field ...

Page 35: ... 30 27 Click Finish 28 In the Internet Authentication Service right click Remote Access Policies 29 Select New Remote Access Policy 30 Select Day And Time Restriction and click Add to continue ...

Page 36: ...less you want to specify the active duration for 802 1X authentication click OK to accept for having 802 1x authentication enabled at all times 32 Select Grant remote access permission and click Next to continue ...

Page 37: ...t Profile For TLS Authentication Setup Steps 34 35 34 Select Authentication Tab 35 Enable Extensible Authentication Protocol and select Smart Card or other Certificate for TLS authentication Click OK Then go to step 38 ...

Page 38: ...or MD5 Authentication Setup Steps 36 37 36 Select Authentication Tab 37 Enable Extensible Authentication Protocol Select MD5 Challenge and enable Encrypted Authentication CHAP for MD5 authentication Click OK ...

Page 39: ...ion from top panel Then click Register Service in Active Directory 39 Go to Start Program Administrative Tools Active Directory Users and Computers 40 Right click on the domain and select Properties 41 Select Group Policy tab and click Edit to edit the Group Policy ...

Page 40: ... 35 42 Go to Computer Configuration Windows Settings Security Settings Account Policies Password Policies Double click on Store password using reversible encryption for all users in the domain ...

Page 41: ...inue 44 Go to Start Program Administrative Tools Active Directory Users and Computers 45 Go to Users Right click on the user that you are granting access and select Properties 46 Go to Account tab and enable Store password using reversible encryption 47 Click Apply to continue ...

Page 42: ... 37 48 Go to the Dial in tab and check Allow access option for Remote Access Permission and No Call back for Callback Options Then click OK ...

Page 43: ...p 1 For EAP MD5 Authentication WEP key must be set previously Go to Basic Settings Enable WEP key and enter a desired key string You can skip this step if using EAP TLS Authentication 2 Click on 802 1X for detailed configuration ...

Page 44: ... Key used by the Secondary Radius Server 7 Click Apply The 802 1x settings will take effect right after WAP 4000 reboots itself You can also use utility to configure 802 1X settings The procedures are similar to above described 4 4 Wireless Client Setup Windows XP is originally 802 1X support As to other operating systems windows 98SE ME 2000 an 802 1X client utility is needed The following proced...

Page 45: ... on Network Connections 2 Right click on the Wireless Network Connection which using WL 3555 3 Click Properties to open up the Properties setting window 4 Click on the Wireless Network tab 5 Click Properties of one available wireless network which you want to associate with ...

Page 46: ...t Data encryption WEP enabled option but leave other options unselected 7 Enter the network key in Network key text box The string must be the same as the first set of WEP key which you set to WAP 4000 8 Click OK ...

Page 47: ...t MD 5 Challenge from the drop down list box for EAP type 12 Click OK 13 When wireless client has associated with WAP 4000 a user authentication notice appears in system tray Click on the notice to continue 14 Enter the user name password and the logon domain that your account belongs 15 Click OK to complete the validation process ...

Page 48: ...ccount password to access the server 1 Active web browser enter http 192 168 1 10 certsrv in the Address field which 192 168 1 10 is the IP address of our server This will directly access to Certificate Service of a Windows 2000 server A dialog box will prompt you to enter user name and password 2 Enter a valid user name and password then click OK to continue 3 Select Request a certificate and cli...

Page 49: ... 44 4 Select User Certificate request and click Next to continue 5 Click Submit to continue ...

Page 50: ...5 6 The Certificate Service is now processing the certificate request 7 The certificate is issued by the server click Install this certificate to download and store the certificate to your local computer ...

Page 51: ...icate is now installed Wireless Adapter Setup 1 Go to Start Control Panel double click on Network Connections 2 Right click on the Wireless Network Connection which using WL 3555 3 Click Properties to open up the Properties setting window 4 Click on the Wireless Network tab ...

Page 52: ... 47 5 Click Properties of one available wireless network which you want to associate with 6 Select The key is provided for me automatically option ...

Page 53: ...work access control using IEEE 802 1X option to enable 802 1x authentication 10 Select Smart Card or other Certificate from the drop down list box for EAP type 11 Click OK 12 When wireless client has associated with WAP 4000 Windows XP will prompt you to select a ...

Page 54: ...ate If you have multiple certificates in local computer click on the network connection icon in the system tray to continue 13 Select the certificate that was issued by the server in our demonstration WirelessCA and click OK to continue 14 Make sure this certificate is issued by correct server and click OK to complete the authentication process ...

Page 55: ...et network There are two things need to be check for your wireless end nodes the services set ID SSID and the Wired Equivalent Protocol WEP both parameters should the same with your Access Point 5 2 Wireless AP Client mode The WAP 4000 can also act as a client on a wireless LAN When configured as AP Client mode WAP 4000 soon makes your connected PC a wireless end node This mode can be deployed if ...

Page 56: ...reach consult your local dealer for more about how to extend your distance Note Please do consult your local dealer about the external or directional antenna you would like to install and get the connection Improper outdoor antenna installation could damage the Access Point or get injured or get killed in some condition like thunders or strong winds 5 4 Multiple Bridge mode For multiple LANs the W...

Page 57: ... Control Panel Network to check the Properties for the TCP IP protocol My wireless client cannot associate with WAP 4000 Check the following w Make sure the wireless adapter is compatible with IEEE 802 11b or 802 11g w Move the wireless client closer to WAP 4000 w Ensure WAP 4000 and the wireless client have the same SSID w Ensure WAP 4000 and the wireless client have the same WEP encryption setti...