Manufacturer's Disclaimer Statement The information in this document is subject to change without notice and does not represent a commitment on the part of the vendor. No warranty or representation, either expressed or implied, is made with respect to the quality, accuracy or fitness for any particular purpose of this document.
Table of Contents INTRODUCTION..........................4 Product Features ........................4 System Requirements....................... 4 GETTING STARTED ........................5 Getting To Know The Wireless Network Access Point ............. 5 WIRELESS NETWORK ACCESS POINT’S PORTS ............. 5 WIRELESS NETWORK ACCESS POINT’S LEDS ..............5 Connecting The Wireless Network Access Point ..............
INTRODUCTION LevelOne WAP-0003 54Mbps Wireless Access Point is designed to meet the need s of wireless clients who use 2.4GHz 802.11b/g(draft) compliant wireless networking devices such as PC Card. With the Dual-Standard capability, not o nly seamless but also simultaneous wireless data transmission between AP and all wireless clients using both 802.11b and g (draft) can be...
GETTING STARTED Getting To Know LevelOne 54Mbps Wireless Access Point LevelOne WAP-0003 WIRELESS ACCESS POINT’S PORTS ♦ Power Receptor ♦ Reset Button ♦ MDII RJ-45 Ethernet Port Straight-Through cable is required to connect with router or switch. Cross-Over cable is required to connect to computer directly.
Page 6
Setting Up LevelOne WAP-0003 Wireless Access Point LevelOne 54mbps Access Point is designed to be working right out of the box. Any changes of the default settings can be easily made through the web-based configuration menu using web browser, such as Internet Explorer.
The Ethernet network adapter must be working properly. Please refer to Troubleshooting section for details . If you are connecting LevelOne Access Point thro ugh a router or a local area network, which has DHCP server enabled, you will not need to assign a static IP address to the computer that you are using to configure the Access Point.
Configuration Menu You can access the configuration menu anytime by opening up an web browser window, and type in the IP address of LevelOne Access Point. The default IP address of the Access Point is shown below. Open web browser...
Page 9
NOTE: The default username is “admin ” and the default password is also “admin ”. The configuration menu will appear. You can configure and get information about LevelOne Access Point by going through each tab. Here Status page is displayed.
Setup wizard is provided as part of the web configuration utility. You can simply follow the step-by-step process to get LevelOne Access Point configured and ready for running in 4 easy steps by clicking on the “Wizard ” button on the function menu. The following screen will appear.
Page 11
Key text box, then click “Next” to continue. Step 4: Restart The Setup wizard is now completed. The new settings will be effective after LevelOne Access Point restarts. Click “Restart” to reboot the Access Point. -11-...
LevelOne Access Point is now rebooting, click “ Close ” to close the Setup wizard window and go back to the main menu. Status Page This page displays the following information. -12-...
Page 13
Firmware Version: Shows the current firmware version LAN: Shows the Mac address, IP address (default: 192.168.1.1), Subnet Mask, Gateway Address. The current LAN traffic calculated in terms of number of packets sent and received by AP through wired connection is also displayed. Wireless: Shows the Mac address, current ESSID, the status of Encryption Function (Enable or Disable), the cu rrent using channel.
Basic Setting This is the page where you can change the basic settings of LevelOne 54Mbps Wireless Access Point with the minimum amount of effort to adjust a secure wireless n etwork. AP Name: Name of the AP, which can be used to identify the Access Point among the all the Access Points in the wireless network.
Page 15
The new settings are now been saved to Access Point and will be effective once the Access Point restarts. Click “Back” to go back to Basic Setting page. -15-...
IP Setting This is the page where you configure the IP and DHCP settings of LevelOne Access Point. The default IP address of LevelOne Access Point is 192.168.1.1 with the Subnet Mask of 255.255.2 55.0. You can type in other values for IP Address, Subnet Mask and Gateway and click “Apply”...
Page 17
The new settings are now been saved to Access Point and will be effective once the Access Point restarts. Click “Back ” to go back to Basic Setting page. -17-...
Advanced Setting This page contains configurations for advanced users, which the change will reflect the wireless performance and operating modes. AP Mode: Select one of the AP operating modes for different application of Access Point. AP – The normal Access Point operating mode which forms a wireless ESS network with its wireless clients.
Wireless Bridge – A pair of APs operating under Bridge mode to act as the bridge that connects two Ethernet networks or Ethernet enabled clients together. Y ou must make sure that the SSID and Channel is set to the same as that used by the AP you wish to connect. The “Remote Bridge MAC”...
Security This page is where you configure the security features supported by LevelOne Access Point. Password: Allow you to change the new login password. Here are the necessary steps: 1. Enter the new password in the “AP Password New:” field.
Page 21
MAC Filter MAC Filter function controls the MAC of the network devices that are listed in this table for access authorization or denial. When MAC Filter is enabled, by selecting the “Enabled” radio box, select one of two choices: ♦ Only deny PCs with MAC listed below to access device, or ♦...
Page 22
For any changes made in the security page, click “Apply” for the changes to be effective. When the above page will appear. Click “Back ” to go back to the previous page. -22-...
Page 23
There are three essential components to the 802.1x infrastructure: (1) Supplicant, (2) Authenticator and (3) Server. LevelOne Access Point serves as an Authenticator, and the EAP methods used must be supported by the back end Radius Server. The 802.1x security supports both MD5 and TLS Extensive Authentication Protocol (EAP).
Page 24
As soon as 802.1x security is enabled, all the wireless client stations that are connected to LevelOne Access Point currently will be disconnected. The wireless clients must be configured manually to authenticate themselves with the Radius server to be reconnected.
Click on the “Browse ” button to open a FileOpen Dialog box, where you get to select the file, which you save previous settings and configurations, to be opened. Upon selecting the saved file, click “Restore ” and complete the restore process whe n LevelOne Access Point re -operates after it restarts.
Page 26
LevelOne Access Point re -operates after it restarts. -26-...
Using AP 54M Utility for Management Installing AP 54M Utility The AP 54M Utility is a program that runs on your PC, which offers easy management for all existing 54Mbps Access Points in the same network domain. Please follow the steps below for installation and refer to “Manage and Configure AP with AP 54M Utility”...
Page 28
4. Click “Install” on the menu bar to proceed with 54M AP installation. -28-...
Page 29
The 54M AP Utility loads the Install wizard for installation. Click “Next” to start installation. Click “Next” to install in default folder or Click “Browse” to install in a different folder. -29-...
Page 30
Installation wizard copies the utility program files in your PC. 5. Click “Finish” to complete the installation. -30-...
Manage and Configure Access Point with 54M AP Utility LevelOne AP 54M Utility can be useful in a way that allows you to configure one AP to another to save the trouble of logging into the web configuration utility of each AP. However, all the Access Points that you wish to configure using 54M AP Utility must be in the same network domain as your PC ’s.
Link Information This is the default page when 54M AP Utility starts up. Status – displays the basic settings of the selected Access Point. Available AP – lists all the 54Mbps Access Point of the same network domain detected on the network.
AP Settings This is the page that allo ws you to change the settings of the Access Point. Basic Setting – allows you to enter the new values for ESSID, Channel and AP Name of the Access Point. Mode Setting – allows you to change the operating mode of the Access Point. There are 4 modes that you can choose: (1) Access Point, (2) Access Point Client, (3) Wireless Bridge and (4) Multiple Bridge.
Page 34
The utility program will now prompt you for user name and password as part of the login and security protection to make sure you have the right authorization. Enter “UserName ” and “Password ” for the Access Point Click “O K” button NOTE: The default username is “admin ”...
IP Settings This is the page where you configure the IP settings for the Access Point. Select “Fixed IP Address ” and enter the IP address of the Access Point and Gateway. Select “DHCP Client” if there is a DHCP server assigning IP addresses on the network.
WEP Settings This is the page that allows you to configure the WEP settings for the Access Point. Enable WEP Key security by clicking “Data Encryption” Select the “Auth. Mode” and the “Key Length ” Fill at least one of the 4 Web Key fields with Hex or ASCII values.
802.1x Settings Enable 802.1x security by clicking the “802.1X Function” checkbox. If MD5 EAP methods is used then you can skip step 3 and go to step 4. Select the Encryption Key Lifetime from 5 Minutes to 1 Day. As soon as the lifetime of the Encryption Key is over, the Encryption Key will be renewed by the Radius server.
NOTE: The default IP Address of LevelOne Wireless Access Point is 192.168.1.1. All the computers on the network must have a unique IP address in the same range, e.g., 192.168.1.xxx, and they must all have the same subnet mask, e.g., 255.255.255.0.
Page 39
The wireless clients cannot access the network in the infrastructure mode. ♦ Check that the wireless network device is being installed and working properly. Go to “Start” > Right mouse click on “My Computer” > “Properties” Go to “Hardware ” -39-...
Page 40
Go to “Device Manager” Right mouse click on the network adapter which you connect RJ45 cable with. And go to “Properties” -40-...
Page 41
♦ Wait till the Wireless Access Point reboots itself (it may take a few minutes), then the configuration will be set back to factory default values. What are the operation modes supported by LevelOne Wireless Access Point? The Wireless Access Point supports 4 operation modes:...
Page 42
Multi-point Bridge: Connects more than two independent Ethernet LAN networks or computers wirelessly. What is Roaming? Roaming is the ability of portable computers, e.g., Packet PC and notebook, to have consistent and continuous data transmission/reception throughout an area covered by more than one Wireless Access Point.
APPENDIX B: NETWORKING BASIS This chapter will help you learn the basics of home networking. Using the Windows XP Network Setup Wizard Go to Start menu > Control Pa nel > Network Connections In the menu on the left side window, select “Set up a home or small office network”...
Page 44
Select the option that best describes how you connect your computer to the Internet. In the case of using router in the network, choose the second option. C lick “Next” to continue. 1. Enter a short description for your computer. 2.
Page 45
Enter “Workgroup name ” for your home network. Click “Next” to continue ” Click “Next” and wait for the wizard to apply the settings -45-...
Page 46
You may create a network setup disk which saves you the trouble of having to configure every PCs in your network. Select the first choice, and insert a floppy disk into your disk drive Click “Next” to continue. -46-...
Page 47
Click “Format Disk” if you wish to format the disk. Click “Next” to copy the necessary files to the disk. Click “Next” to continue with the Network Setup Wizard -47-...
Page 48
NOTE: Now you may use the Network Setup Disk you just created in any PCs in your network that you wish to setup. Simply insert the Network Setup Disk into the disk drive of a PC, and open to browse the content of the disk with “My Computer” or “Windows File Manager”. Double -click and run the file “netsetup”...
Page 49
Checking IP Address of Your Computer In Windows XP Sometimes you will need to know the IP address of the computer that you are using. For example, when you want to make sure that your computer is in the same network domain as that of your Access Point for you can configure and access the AP.
Page 50
If the IP address is assigned by DHCP server on the network, there are chances you might have to release the IP and acquire it from DHCP server again. Here is how you do it. Go to Start menu > Run >...
Page 51
Dynamic IP Address V.S. Static IP Address By definition Dynamic IP addresses are the IP addresses that are being automatically assigned to a network device on the network. These Dynamically assigned IP addresses will expire and may be changed over time. Static IP addresses are the IP addresses that users manually enter for each of the network adapters.
Page 52
The Local Area Connection Properties would appear. Select “Internet Protocol 54Mbps High Speed Network Adapter (TCP/IP)” and Click “Properties” to continue. Dynamically Assigned IP Address The TCP/IP Properties window appears. Select “Obtain an IP address automatically” if you are on a DHCP enabled network.
Page 53
Static IP Address Select “Use the following IP address” Enter the IP address and subnet mask fields. Enter the IP address of the Router in the Default gateway field. Enter the IP address of the Router in the DNS server field Click “Ok”...
Page 54
The TCP/IP Properties window appears. Select “Obtain an IP address automatically” if you are on a DHCP enabled network. Click “OK” to close the window with the changes made Select “Use the following IP address” Enter the IP address and subnet mask fields.
Page 55
Wireless Network In Windows 98 and Windows ME Go to Start menu > Settings > Control Panel > Double -click on Network Select TCP/IP of the network device Click “Properties” to continue The Access Point restarts itself, and the screen will switch back to startup page –...
Page 56
Select “Specify an IP address” Enter the IP address and subnet mask fields. In the DNS Configuration Tab Page, (1) enter the IP address of the Router in the Default gateway field. (2) Enter the IP address of the Router in the DNS server field -56-...
APPENDIX C: 802.1x Authentication Setup There are three essential components to the 802.1x infrastructure: (1) Supplicant, (2) Authe nticator and (3) Server. The 802.1x security supports both MD5 and TLS Extensive Authentication Protocol (EAP). The 802.1x Authentication is a complement to the current WEP encryption used in wireless network.
MD5 authentication is simply a validation of existing user account and password that is stored in the server with what are keyed in by the user. Therefore, wireless client user will be prompted for account/password validation every time when he/she is trying to get connected. TLS authentication is a more complicated authentication, which involves using certificate that is issued by the Radius server, for authentication.
Page 59
Click “Properties” to open up the Properties setting window. Click on the “Wireless Network” tab. 54Mbps High Speed Network Adapter -59-...
Page 60
Click “Properties” of the available wireless network, which you wish to connect or configure. Please note that if you are going to change to a different 802.1x authentication EAP method, i.e. switch from using MD5 to TLS, , you must remove the current existing wireless network from your Preferred networks first, and add it in again.
Page 61
TLS Authentication Select “The key is provided for me automatically” option Click “O K” to close the Wireless Network Properties window. Click “Authentication” tab Select “Enable network access control using IEEE 802.1x” option to enable 802.1x authentication. -61-...
Page 62
Select “Smart Card or other Certificate ” from the drop-down list box for EAP type. Click “O K” to close the Wireless Network Connection Properties window, thus make the changes effective. The wireless client configuration in the zero -configuration utility provided in Windows XP is now completed for TLS configuration.
Page 63
TLS Authentication – Download Digital Certificate from Server In most c orporations, it requires internal IT or MIS staff’s help to have the certificated downloaded to your local computer. One of the main reasons is that each corporation uses its own server systems, and you will need the assistance from your IT or MIS for account/password, CA server location and etc.
Page 64
No w we are connected to the Certificate Service. Select “Request a certificate”, and click “Next” to continue. -64-...
Page 65
Select “User Certificate request”, and click “Next” to continue. -65-...
Page 67
The Certificate Service is now processing the certificate request. -67-...
Page 68
The certificate is issued by the server, click “Install this certificate” to download and store the certificate to your local computer. Click “Yes” to store the certificate to your local computer. -68-...
Page 69
Certificate is now installed. All the configuration and certificate download are now complete. Let’s try to connect to the Access Point using 802.1x TLS Authentication. -69-...
Page 70
Windows XP will prompt you to select a certificate for wireless network connection. Click on the network connection icon in the system tray to continue. -70-...
Page 71
Select the certificate that was issued by the server (WirelessCA), and click “OK” to continue. Check the server to make sure that it’s the server that issues certificate, and click “OK” to complete the authentication process. -71-...
Page 72
MD5 Authentication Select “Data encryption (WEP enabled)” option, but leave other option unselected. Select the key format that you want to use to key in your Network key. ASCII characters: 0~9, a~z and A~Z HEX characters: 0~9, a~f Select the key length that you wish to use 40 bits (5 characters for ASCII, 10 characters for HEX) 104 bits (13 characters for ASCII, 26 characters for HEX) After deciding the key format and key length that you wish to use for network key.
Page 73
Select “Authentication” tab. Select “Enable network access control using IEEE 802.1X” to enable 802.1x authentication . Select “MD-5 Challenge” from the drop-down list box for EAP type. Click “O K” to close Wireless Network Connection Properties window, thus make all the changes effective.
Page 74
Unlike TLS, which uses digital certificate for validation, the MD-5 Authentication is based on the user account/password. Therefore, you must have a valid account used by the server for validation. 35. WindowsXP will prompt you to enter your user name and password. Click on the network connection icon in the system tray to continue.
Page 75
36. Enter the user name, password and the logon domain that your account belongs if you have one or more network domain exist in your network. 37. Click “O K” to complete the validation process. -75-...
Authenticator: Wireless Network Access Point This is the web page configuration in LevelOne Access Point that we use. 1. Enable 802.1x security by selecting “ Enable”. 2. If MD5 EAP methods is used then you can skip step 3 and go to step 4.
Radius Server: Window2000 Server This section to help those who has Windows 2000 Server installed and wants to setup Windows2000 Server for 802.1x authentication, which includes setting up Certificate Service for TLS Authentication, and enable EAP -methods. Login into your Windows 2000 Server as Administrator, or account that has Administrator authority.
Page 78
Select “Enterprise root CA”, and click “Next” to continue. Enter the information that you want for your Certificate Service, and click “Next” to continue. -78-...
Page 79
Go to Start > Program > Administrative Tools > Certificate Authority Right-click on the “Policy Setting”, select “new” Select “Certificate to Issue” 10. Select “Authenticated Session” and “ Smartcard Logon” by holding down to the Ctrl key, and click “OK” to continue. -79-...
Page 80
11. Go to Start > Program > Administrative Tools > Active Directory Users and Computers. 12. Right-click on domain, and select ”Properties” to continue. 13. Select “Group Policy ” tab and click “Properties” to continue. -80-...
Page 82
17. The Automatic Certificate Request Setup Wizard will guide you through the Automatic Certificate Request setup, simply click “Next” through to the last step. 18. Click “ Finish” to comple te the Automatic Certificate Request Setup 19. Go to Start > Run, and type “ command” and click “ Enter” to open Command Prompt. 20.
Page 83
23. Select “Internet Authentication Service”, and click “O K” to install. -83-...
Page 84
Setting Internet Authentication Service 24. Go to Start > Program > Administrative Tools > Internet Authentication Service 25. Right-click “Client”, and select “New Client” -84-...
Page 85
26. Enter the IP address of the Access Point in the Client address text field, a memorable name for the Access Point in the Client-Vendor text field, the access password used by the Access Point in the Shared secret text field. Re-type the password in the Confirmed shared secret text field.
Page 86
28. In the Internet Authentication Service, right-click “Remote Access Policies” 29. Select “New Remote Access Policy”. 30. Select “Day -And-Time -Restriction”, and click “Add” to continue. -86-...
Page 87
31. Unless you want to specify the active duration for 802.1x authentication, click “OK” to accept to have 802.1x authentication enabled at all times. 32. Select “Grant remote access permission”, and click “Next” to continue. -87-...
Page 88
33. Click “Edit Profile” to open up -88-...
Page 89
For TLS Authentication S etup (Steps 34 ~ 38) 34. Select “Authentication” Tab 35. Enable “ Extensible Authentication Protocol”, and select “Smart Card or other Certificate” for TLS authentication -89-...
Page 90
36. Go to Start > Program > Administrative Tools > Active Directory Users and Computers 37. Select “Users”, and double -click on the user that can be newly created or currently existing, who will be configured to have the right to obtain digital certificate remotely. Please note that in this case, we have a user called, test, whose account/password are used to obtain the digital certificate from server.
Page 91
38. Go to the “Dial-in” tab, and check “ Allow access” option for Remote Access Permission and “No Callback ” for Callback Options. -91-...
Page 92
For MD5 Authentication (Steps 39 ~ 54) 39. Go to Start > Program > Administrative Tools > Active Directory Users and Computers. 40. Right click on the domain, and select “Properties” -92-...
Page 93
41. Select “Group Policy ” tab, and click “ Edit” to edit the Group Policy. -93-...
Page 94
42. Go to “Computer Configuration” > “Windows Settings” > “Security Settings” > “Account Policies” > “Password Policies” 43. Click “ Define this policy setting”, select “Enabled”, and click “OK” to continue. -94-...
Page 95
44. Go to Start > Progra m > Administrative Tools > Active Directory Users and Computers. 45. Go to Users. Right-click on the user that you are granting access, and select “Properties” -95-...
Page 96
46. Go to “Account” tab, and enable “ Store password using reversible encryption” 47. Click “ OK” to continue. -96-...
Page 97
48. Go to Start > Program > Administrative Tools > Internet Authentication Service . 49. Go to Remote Access Policies 50. Make sure that MD5 is moved up to Order 1 51. Right-click “MD5”, and select “ Properties” -97-...
Page 98
52. Go to “Authentication” tab 53. Enable “ Extensible Authentication Protocol” 54. Select “MD5-Challenge” for EAP type. -98-...
APPENDIX D: GLOSSARY Access Point ? An internetworking device that seamlessly connects wired and wireless networks. Ad-Hoc ? An independent wireless LAN network formed by a group of computers, each with an network adapter. AP Client – One of the additional AP operating modes offered by 54mbps Access Point, which allows the Access Point to act a s an Ethernet-to -Wireless Bridge, thus a LAN or a single computer station can join a wireless ESS network through it.
Page 100
Browser ? An application program that enables one to read the content and interact in the World Wide Web or Intranet. BSS ? BSS stands for “Basic Service Set”. It is an Access Point and all the LAN PCs that associated with it.
Page 101
Encryption ? A security method that uses a specific algorithm to alter the data transmitted, thus prevent others from knowing the information transmit ted. ESS ? ESS stands for “Extended Service Set”. More than one BSS is configured to become Extended Service Set.
Page 102
MAC Address ? Media Access Control Address is a unique hex number assigned by the manufacturer to any Ethernet networking device, such as a network adapter, that allows the network to identify it at the hardware level. Multicasting ? Sending data to a group of nodes instead of a single destination. Mu ltiple Bridge –...
Page 103
SSID ? Service Set Identifier, which is a unique name shared among all clients and nodes in a wireless network. The SSID must be identical for each clients and nodes in the wireless network. Subnet Mask ? The method used for splitting IP networks into a series of sub-groups, or subnets.
Need help?
Do you have a question about the WAP-0003 and is the answer not in the manual?
Questions and answers