NanoGlobes WLAN-MINDER User Manual

Total AAA security for wireless and wired LAN


Summary of Contents for NanoGlobes WLAN-MINDER

  • Page 2 WLAN-Minder User Manual This page left intentionally blank NanoGlobes Ltd Page 2 of 53 NGCD000423.005...
  • Page 3 Software licences are granted for use with one processor and are not transferable. • NanoGlobes Ltd. makes no representations or warranties with respect to the contents hereof and specifically disclaims any implied warranties of merchantability or fitness for any particular purpose.
  • Page 4 This warranty does not apply if the WLAN-Minder unit has been damaged by neglect, improper handling or by any other cause not arising directly from defective materials or workmanship.
  • Page 5: Table Of Contents

    Configuring the WLAN-Minder...
  • Page 7: Introduction

    Access Points) support this protocol. However, certain low-cost units and earlier designs do not support the IEEE 802.1x protocol; these products cannot be used in a WLAN-Minder solution. In general, all components that have been certified by the Wi-Fi Consortium as being WPA compliant should operate with the WLAN-Minder.
  • Page 8: WLAN-Minder Features

    • Control of Wireless LAN users' access to a wired network.
    • Plug-and-play solution: no server software installation required.
    • Support for IEEE 802.1x compliant EAP-TLS mutual authentication protocol. Authenticating the client to the network, and the network to the client.
  • Page 9: WLAN-Minder Front Panel Features

    • Power On Indicator
    • Access Point Network: Link and Traffic Status LEDs
    • Local Network: Link and Traffic Status LEDs
    • eToken select LEDs used to indicate a USB eToken should be inserted
    • USB sockets for connecting eTokens to be initialised or read
  • Page 10: Using Smart Cards With The WLAN-Minder

    NOT remove the smart card when the RED LED is lit.
    INSERTING THE SMART CARD: The contact surface of the smart card should be face down, and the card inserted with the contacts at the edge closest to the centre of the WLAN-Minder unit.
    Using eTokens with the WLAN-Minder: USB eTokens may be used as an alternative to a smart card for storing a user’s...
  • Page 11: Installing The WLAN-Minder

    The WLAN-Minder must first be given a valid IP network address before it can be placed on the network. This is achieved by using the BIOS menu as outlined in this section. Once the IP address has been configured, all further configuration is performed using a web browser interface.
  • Page 12 Gateway address. The user should set the IP Address and IP Subnet mask to a suitable value to be compatible with the network that the WLAN-Minder is to be attached to. The unit then prompts for a TFTP Server path and file name, and the IP Address of the TFTP server.
  • Page 13 For the changes to take effect and to restart the unit, either cycle the power to the unit (Power Off / On) or depress and release the RESET switch which is accessible on the rear panel of the WLAN-Minder unit.
  • Page 14: Setting The BIOS Password

    Error - Password not changed.” is displayed. The user must run the passwd command again.

    -----------------------------------------------------------
    BIOS v1.11.1 (c) 2005 NanoGlobes Ltd.
    -----------------------------------------------------------
    If you want to skip the BIOS command mode, type enter or wait a few seconds.
    After this, the system will boot automatically.
  • Page 15: Attaching The WLAN-Minder To The Network

    The connection must be made using the connector labelled [Network LAN] on the rear panel of the WLAN-Minder unit. Check that the LAN Link light on the front panel of the WLAN-Minder lights up (GREEN). The user may confirm that the Ethernet link is working by issuing a PING command to the WLAN-Minder from another computer on the same subnet.
  • Page 16 If the Ping fails to elicit a response from the WLAN-Minder, the user should check:
    • The Ethernet cable is plugged into the LAN Network connector on the WLAN-Minder.
    • The IP Address of the WLAN-Minder is set correctly.
  • Page 17: Initialising The WLAN-Minder - Creating The Root CA System

    A new WLAN-Minder must first be initialised with a Root CA certificate system. When the unit is first powered on, it will automatically enter the correct mode for the administrator to set up the Root CA system.
  • Page 18 The user must enter the correct date and time. This is an important operation as the date/time entered is used as a reference in checking the validity of certificates. See Section 5.8. Each parameter is two numeric digits.
  • Page 19 CA Details section of the display and enter the following information: Root CA Validity Period: The number of DAYS the newly created certificate system on the WLAN-Minder is to be valid for. When this value expires, ALL users of the system will have to have their certificates re-issued.
  • Page 20 When the Rebooting message is displayed, the user should click the Back button.
    • The system initialisation process is now completed. The Administrator will now be able to log in to the WLAN-Minder settings menu to configure the unit and create users on the system.
  • Page 21: Configuring The WLAN-Minder

    Access Point(s).
    • The WLAN-Minder must be used to issue the smart cards or eTokens for each user that is going to use the system.

    4.1 Logging in to the WLAN-Minder web interface.
  • Page 22 In the Location bar of the web browser, enter the IP address of the WLAN-Minder. The WLAN-Minder will display a screen requesting the user to insert his identity administrator eToken or smart card (see section 10). Once the smart card or USB eToken has been detected by the WLAN-Minder, the Administrator user will be prompted to enter his PIN code.
  • Page 23: WLAN-Minder Welcome Menu

    4.2 WLAN-Minder Welcome Menu. Once the Administrator is successfully logged in to the WLAN-Minder, the welcome screen is presented. This screen presents access to all the control functions supported by the WLAN-Minder. When configuring the WLAN-Minder for the FIRST time, the Administrator must perform the following actions in the order listed: Configure the parameters for the Access Points.
  • Page 24: Configuring The Wireless LAN Access Point

    4.3 Configuring the Wireless LAN Access Point. From the “Welcome” menu select the [Access Point Settings] option. At least one valid access point must be defined; the first Access Point data should be entered in the Access Point 1 form.
  • Page 25 The IP Mask of the Access Server (in dotted decimal format: e.g. 255.255.255.0) Once all the Access Point parameters have been entered, the [Save Settings] button should be clicked, causing the WLAN-Minder to save all Access Point parameters.
  • Page 26: Token Settings

    The [Settings] menu provides the Administrator with the option of selecting to implement a system based either on smart cards or eTokens. The WLAN-Minder currently supports the Schlumberger 8K Cryptoflex smart card, or the Aladdin eToken-Pro USB tokens. The Pro-Server uses this setting to be able to generate the correct data sets when user accounts are generated.
  • Page 27: Creating User Accounts

    4.5 Creating User Accounts. From the “Welcome” Menu please select the [Add User] option.
  • Page 28 Format Card: Tick this item if the card to be used has already had data written to it. (If this box is not ticked and the card already contains data, an error will be reported when the Generate button is clicked.) If the card is blank (i.e.
  • Page 29 At least ONE Access Point must be selected. The ESSID for each Access Point supported by the WLAN-Minder is listed. The Administrator should select the appropriate access points by clicking on the associated “Allow Access” box. Once all the fields have been completed in the [Add User], [Token Type] and [Network Access] page, the GENERATE button should be clicked.
  • Page 30: Generating A Duplicate Administration Card

    NOTE: The master administrator card must be present in the Admin Card slot of the WLAN-Minder unit; the new card that is to be generated as an administrator card should be inserted in the User Card slot of the WLAN-Minder unit.
  • Page 31: Maintaining The WLAN-Minder

    5.1 Deleting User Accounts. To permanently remove a user from the system, the [Delete User(s)] option should be selected from the “Welcome” screen menu. The “Delete User(s)” menu will list all users currently registered within the WLAN-Minder system.
  • Page 32: Managing Users

    5.2 Managing Users. If it is only required to temporarily enable or disable users, then the [User Management] menu may be used for this purpose. This management feature does not remove users from the system. The [User Management] menu displays two windows, one listing the currently enabled users who are allowed access to the network, and the second window listing users that are currently denied access.
  • Page 33 To Enable a disabled user: Select the user from the DISABLED window by clicking on the user's displayed name. Click the [Enable User] button. The selected user status will change to “Enabled” and his name will now appear in the ENABLED Window.
  • Page 34: Monitoring The Network

    5.3 Monitoring the Network. The WLAN-Minder will allow an Administrator to view the identity of the users who are currently authenticated on the network in real time. To view these users the [Monitor Network] option should be chosen from the “Welcome” menu.
  • Page 35: Monitoring Logins

    5.4 Monitoring Logins. The Administrator may view a history of the Authenticated and Rejected logins that have been attempted by users of the WLAN-Minder system. These logs may be viewed by clicking on the [Rejected Logins] or [Authenticated Logins] buttons displayed on the “Welcome” screen.
  • Page 36: Viewing A User Token

    5.5 Viewing a User Token. The Administrator may view certain information on a user’s smart card or eToken. The information displayed will indicate the user’s name and list the Access Points he has rights to associate with.
  • Page 37: Backing Up The WLAN-Minder Configuration Files

    WLAN-Minder unit. (See {11} Section 1.4)
    • Reset the WLAN-Minder unit. Either cycle the power Off/On, or depress and release the Reset switch on the rear panel of the WLAN-Minder unit (See {12} Section 1.4).
    • Log in to the WLAN-Minder unit using the Administrator smart card.
  • Page 38 The following figures give a rough guide to the storage requirements for a system back up.
    • 25 Users: Backup size 1.5Mb
    • 50 Users: Backup size 1.8Mb
    • 100 Users: Backup size 2.2Mb
    A 32MB Smart Media device is capable of storing a number of backup images.
  • Page 39: Restoring A WLAN-Minder Configuration

    5.7 Restoring a WLAN-Minder Configuration.
    • Insert the 32MB Smart Media device that contains the configuration files into the slot on the rear panel of the WLAN-Minder unit. (See {11} Section 1.4)
    • Reset the WLAN-Minder unit. Either cycle the power Off/On, or depress and release the Reset switch on the rear panel of the WLAN-Minder unit (See {12} Section 1.4).
  • Page 40 Each backup is labelled with the WLAN-Minder name that the backup was made from and the date and time the backup was made. E.g. NGLMinder_80006c_20031110203145, with the timestamp in the form CCYYMMDDhhmmss (Century Year Month, hhmmss Hours:Mins:Secs).
    WARNING: Restoring a configuration file will DELETE all configuration and USER files currently stored on the WLAN-Minder unit.
  • Page 41: Changing The System Time / Date

    Care must be taken when changing the system time and date. Certificates are issued to users with a specific expiry date. The WLAN-Minder unit uses its own clock to determine whether a user’s certificate has expired or not. Thus, if an invalid date/time is set (i.e.
  • Page 42: Appendices

    6.1 Hardware Specification
    • Processor: ARM940T
    • Memory: 4MBytes FLASH EEPROM; 8M Bytes NAND EEPROM; 32M Bytes SDRAM
    • Network: LAN Port 10/100Base T RJ45 (Full Duplex); WLAN Port 10/100Base T RJ45 (Full Duplex) [OPTIONAL N/A]
    • Network LAN Status: Link...
  • Page 43
    • Administrator USB Socket: GREEN LED Flashing - prompt for user to insert eToken.
    • User USB Socket: GREEN LED Flashing - prompt for user to insert eToken.
    • Smart Card Interfaces: Administrator ISO 7816 compliant; User ISO 7816 compliant...
  • Page 44: Connector Pin-Out

    6.2 Connector Pin-out.
    RS232 9-Way D-Type Male Pin Out (Administrator RS232 Connector). Signals: Receive Data, Request To Send, Transmit Data, Clear To Send, Signal Ground.
    10/100Base-T RJ45 Connector Pin Out. Signals: Transmit (+), Transmit (-)...
  • Page 45: BIOS Administrator Cable [NGL-210] Pin-Out

    6.3 BIOS Administrator cable [NGL-210] pin-out.
    [Figure: RS232 Administration Cable NGL-210 Pin Out, 9-Way D-Type Female to 9-Way D-Type Female]
  • Page 46: Windows Hyper-Terminal Setup For BIOS Administration

    None
    Once the above parameters have been set, click the [OK] button. Hyper-Terminal is now configured with the correct parameters and is ready to operate as a terminal emulator for the WLAN-Minder unit.
  • Page 47: Unblocking A Blocked Smart Card / eToken

    6.5 Unblocking a Blocked Smart Card / eToken. Please contact your re-seller or distributor to obtain the necessary software required to unblock a smart card or eToken.
  • Page 48: Two Character Country Codes

    6.6 Two Character Country Codes.
    AD Andorra; EC Ecuador; KR Korea (South); AE United Arab Emirates; EE Estonia; KW Kuwait; AF Afghanistan; EG Egypt; KY Cayman Islands; AG Antigua and Barbuda; EH Western Sahara; KZ Kazakhstan; AI Anguilla...
  • Page 49 PT Portugal; VN Vietnam; PR Puerto Rico (US); VU Vanuatu; PW Palau; PY Paraguay; WF Wallis & Futuna Islands; WS Samoa; QA Qatar; YE Yemen; RE Reunion (Fr.); YU Yugoslavia; RO Romania; RU Russian Federation; ZA South Africa...
  • Page 50: References

    7.1 WLAN-Minder Workstation Client Users Manual. Document NGCd000421
