Page 1
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA Phone 1-888-NETGEAR 202-10078-01 February 2005 202-10078-01...
Page 3
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Federal Communications Commission (FCC) Compliance Notice: Radio Frequency Notice WAG302 ProSafe Dual Band Wireless Access Point Tested to Comply with FCC Standards FOR HOME OR OFFICE USE FCC ID: PY3WAG302 This device complies with part 15 of the FCC Rules.
Page 4
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 FCC Statement DECLARATION OF CONFORMITY declare under our sole responsibility that the product(s) ProSafe Dual Band Wireless Access Point (Product Name) Operation is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.
Page 5
20cm (7.9 in.) from persons. Further, the antennas shall not be colocated with other antenna or radio transmitter. Antenna Statement for North America and Australia In addition to its own 2 antennas, the WAG302 device has been approved for use with the following detachable antennas and antenna cables: Approved...
Page 6
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Product and Publication Details Model Number: Publication Date: Product Family: Product Name: Home or Business Product: Language: Publication Part Number: WAG302 February 2005 access point WAG302 ProSafe Dual Band Wireless Access Point...
Default Factory Settings ...3-3 Understanding WAG302 Wireless Security Options ...3-4 Installing the WAG302 Access Point ...3-5 How to Log In to the WAG302 Using Its Default IP Address ...3-12 Understanding Basic Wireless Settings ...3-13 Wireless Settings 11a ...3-13 Wireless Settings 11b/g ...3-15 Understanding WEP/WPA Security Options ...3-18...
Page 8
Upgrading the Wireless Access Point Software ...4-10 Configuration File Management ...4-10 Saving and Retrieving the Configuration ... 4-11 Restoring the WAG302 to the Factory Default Settings ... 4-11 Using the Reset Button to Restore Factory Default Settings ...4-12 Rebooting the Access Point ...4-12 Changing the Administrator Password ...4-13...
Page 9
Enabling Wireless Bridging and Repeating ...5-9 How to Configure a WAG302 as a Point-to-Point Bridge ...5-10 How to Configure Multi-Point Wireless Bridging ... 5-11 How to Configure Wireless Repeating ...5-13 Chapter 6 Troubleshooting No lights are lit on the access point..6-1 The Wireless LAN activity light does not light up.
Page 10
What are the Key Features of WPA Security? ... B-12 WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS ... B-14 WPA Data Encryption Key Management ... B-16 Is WPA Perfect? ... B-18 Product Support for WPA ... B-18 Supporting a Mixture of WPA and WEP Wireless Clients is Discouraged ... B-18 Changes to Wireless Access Points ...
This guide uses the following formats to highlight special messages: Note: This format is used to highlight information of importance or special interest. This manual is written for the WAG302 Access Point according to these specifications.: Table 1-2. Manual Scope...
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 How to Use This Manual The HTML version of this manual includes the following: • Buttons, at a time • button that displays the table of contents and an link in the table of contents or index to navigate directly to where the topic is described in the manual.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 How to Print this Manual To print this manual you can choose one of the following several options, according to your needs. • Printing a Page in the HTML View.
Page 14
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 About This Manual 202-10078-01...
About the WAG302 ProSafe Dual Band Wireless Access Point The WAG302 ProSafe Dual Band Wireless Access Point is the basic building block of a wireless LAN infrastructure. It provides connectivity between Ethernet wired networks and radio-equipped wireless notebook systems, desktop systems, print servers, and other devices.
• DHCP Client Support. DHCP provides a dynamic IP address to PCs and other devices upon request. The WAG302 can act as a client and obtain information from your DHPC server. • SNMP Support. Support for Simple Network Management Protocol (SNMP) Management Information Base (MIB) management.
Secure and Economical Operation. Adjustable power output allows more secure or economical operation. • Power over Ethernet. Power can be supplied to the WAG302 over the Ethernet port from any 802.3af compliant mid-span or end-span source such as the NETGEAR FSM7326P Managed Power over Ethernet Layer 3 managed switch.
Roaming among access points on the same subnet Autosensing Ethernet Connections with Auto Uplink The WAG302 can connect to a standard Ethernet network. The LAN interface is autosensing and capable of full-duplex or half-duplex operation. The wireless access point incorporates Auto Uplink automatically sense whether the Ethernet cable plugged into the port should have a ‘normal’...
You should keep the Support Information card, along with the original packing materials, and use the packing materials to repack the WAG302 if you need to return it for repair. To qualify for product updates and product warranty registrations, we encourage you to register on the NETGEAR Web site at: http://www.NETGEAR.com.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Hardware Description Front Panel The WAG302 front and rear hardware functions are described below. Figure 2-1: WAG302 front panel The following table explains the LED indicators: DESCRIPTION Power Indicator No power.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 DESCRIPTION LINK/ACT LAN Ethernet LAN Link Activity Indicator Indicates no Ethernet link detected. Green On 100 Mbps Fast Ethernet link detected, no activity. Green Blink Indicates data traffic on the 100Mbps Ethernet LAN.
Page 22
Serial Console Port Male DB-9 serial port for serial DTE connections. • RJ-45 Ethernet Port Use the WAG302 Ethernet RJ-45 port to connect to an Ethernet LAN through a device such as a hub, switch, router, or POE switch. • Power Socket This socket connects to the WAG302 12V 1.2A power adapter.
Basic Installation and Configuration This chapter describes how to set up your WAG302 ProSafe Dual Band Wireless Access Point for wireless connectivity to your LAN. This basic configuration will enable computers with 802.11b or 802.11a/g wireless adapters to do such things as connect to the Internet, or access printers and files on your LAN.
WEP connections can take slightly longer to establish. Also, WEP encryption can consume more battery power on a notebook computer. Cabling Requirements The WAG302 Access Point connects to your LAN via twisted-pair Category 5 Ethernet cable with RJ-45 connectors. Appendix A, “Specifications.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Default Factory Settings When you first receive your WAG302, the default factory settings will be set as shown below. You can restore these defaults with the Factory Default Restore switch on the rear panel — see “WAG302 front panel”...
Your wireless data transmissions can be received well beyond your walls by anyone with a compatible adapter. For this reason, use the security features of your wireless equipment. The WAG302 Access Point provides highly effective security features which are covered in detail in this chapter. Deploy the security features appropriate to your needs.
WAG302 A ET UP THE Tip: Before mounting the WAG302 in a high location, first set up and test the WAG302 to verify wireless network connectivity. Prepare a computer with an Ethernet adapter. If this computer is already part of your network, record its TCP/IP configuration settings.
Page 28
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 ONFIGURE Configure the WAG302 Ethernet port for LAN access. • Connect to the WAG302 by opening your browser and entering in the address field. A login window appears.
Page 29
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 • The Web browser will then display the WAG302 General information page. Figure 3-3: Login result: WAG302 General information page – When the wireless access point is connected to the Internet, click the Knowledge Base or the Documentation link under the Web Support menu to view support information or the documentation for the wireless access point.
Page 30
Access Point Name: This unique name is the access point NetBIOS name. The default Access Point Name is located on the bottom label of WAG302. You may modify the default name with a unique name up to 15 characters long. The default is netgearxxxxxx, where xxxxxxx represents the last 6 digits of the WAG302 MAC address.
Page 31
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 – Country/Region: This field identifies the region where the WAG302 can be used. It may not be legal to operate the wireless features of the wireless access point in a region other than one of those identified in this field.
Page 32
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Click the Wireless Settings11a link in the Setup section of the main menu to view the Wireless Settings 11a menu. Figure 3-5: Wireless Settings 11a menu Click the Wireless Settings 11b/g link in the Setup section of the main menu to view the Wireless Settings 11b/g menu.
Page 33
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Now that you have finished the setup steps, you are ready to deploy the WAG302 in your network. If needed, you can now reconfigure the computer you used in step 1 back to its original TCP/IP settings.
192.168.0.230 is the default IP address of your access point. The WAG302 is set by default with the DHCP client disabled. Note: The computer you are using to connect to the WAG302 should be configured with an IP address that starts with 192.168.0.x and a Subnet Mask of 255.255.255.0.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Understanding Basic Wireless Settings Wireless Settings 11a To configure the wireless settings of your wireless access point, click the Wireless Settings 11b/g link in the Basic section of the main menu of the browser interface. The Wireless Settings 11b/g menu will appear, as shown below.
Page 36
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 – A group of Wireless Stations and a single access point, all using the same ID (SSID), form a Basic Service Set (BSS). – Using the same SSID is essential. Devices with different SSIDs are unable to communicate with each other.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 – In “Infrastructure” mode, wireless stations normally scan all channels, looking for an access point. If more than one access point can be used, the one with the strongest signal is used.
Page 38
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 The Wireless Settings 11b/g menu options are discussed below: • Turn Radio On. On by default, you can also turn off the radio to disable access through this device.
Page 39
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 – 11g Only – Only 802.11g wireless stations can be used. – 11b Only – All 802.11b wireless stations can be used. 802.11g wireless stations can still be used if they can operate in 802.11b mode.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Note: Output power is automatically adjusted by AutoCell when the Auto RF Management option is enabled. The default setting is for the AutoCell Auto RF Management option to be enabled.
Page 41
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Note: You must configure Radius Server Settings (see Legacy 802.1x or WPA with Radius option. • Data Encryption: Select the desired option. If enabled (64 bit, 128 bit or 152 bits) the keys must be entered, and other wireless stations must use the same keys.
• SSID: The Service Set Identification (SSID) identifies the wireless local area network. NETGEAR_11a is the default WAG302 SSID. However, you may customize it by using up to 32 alphanumeric characters. Write your customized SSID on the line below. ___________________________________ Note: The SSID in the wireless access point is the SSID you configure in the wireless adapter card.
• SSID: The Service Set Identification (SSID) identifies the wireless local area network. NETGEAR_11g is the default WAG302 SSID. However, you may customize it by using up to 32 alphanumeric characters. Write your customized SSID on the line below. ___________________________________ Note: The SSID in the wireless access point is the SSID you configure in the wireless adapter card.
Program the wireless adapter of your PCs to have the same SSID and channel that you configured in the WAG302. Check that they have a wireless link and are able to obtain an IP address by DHCP from the WAG302.
LAN address and password you have set up. Note: When configuring the WAG302 from a wireless computer whose MAC address is not in the access control list, if you select Turn Access Control On, you will lose your wireless connection when you click Apply.
Add new Station Manually: Use this to add the MAC address of the wireless stations to the Trusted Wireless Stations list. Now, only devices on this list will be allowed to wirelessly connect to the WAG302. How to Configure WEP...
Page 47
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Click the WEP/WPA Settings link in the main menu of the WAG302. WEP/WPA Settings 11a menu Figure 3-12: WEP/WPA Settings menus for 11a and 11bg Choose Open System or Shared Key authentication.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Note: If you use a wireless computer to configure WEP settings, you will be disconnected when you click Apply. Reconfigure your wireless adapter to match the new settings or access the wireless access point from a wired computer to make any further changes.
Page 49
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 From the Security menu, click Radius Server Settings link to display the Radius Server Settings menu shown below. Figure 3-13: Radius Server Settings menu Authentication/Access Control Radius Server Configuration: This configuration is required for authentication using Radius.
Page 50
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 • IP Address: The IP address of the Radius Server. The default is 0.0.0.0 • Port Number: Port number of the Radius Server. The default is 1813. •...
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 How to Configure WPA-PSK Note: Not all wireless adapters support WPA. Furthermore, client software is required on the client. Windows XP and Windows 2000 with Service Pack 3 or above do include the client software that supports WPA.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Using the Basic IP Settings Options The Basic IP Settings menu is under the Basic heading of the main menu. Use this menu to configure DHCP, static IP, and access point access point name settings.
Page 53
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 If your network has a requirement to use a different IP addressing scheme, you can make those changes in this menu. These settings are only required if the “Use this IP address” radio button is chosen.
Page 54
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 3-32 Basic Installation and Configuration 202-10078-01...
This chapter describes how to use the management features of your WAG302 ProSafe Dual Band Wireless Access Point. These features can be found by clicking on the Maintenance heading in the Main Menu of the browser interface. Remote Management The Remote Management screen lets you enable remote console and specify the simple network management protocol (SNMP) parameters.
The default is 0.0.0.0. Using the Secure Telnet Interface The WAG302 includes a secure Telnet command line interface (CLI). You can access the CLI from a secure Telnet client over the Ethernet port or over the serial console port.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Press the return key, and the screen below should appear. Figure 4-2: Secure Telnet Client The login name is admin and password is the default password. After successful login, the screen should show the (Access Point Name)> prompt. In this example, the prompt is netgear74F35E.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Using Syslog and Activity Log Information The Information contains the activity log link you can use for setting up a syslog server and viewing activity log information. From the main menu of the browser interface, under the Information heading, click the Station List link to view the list, shown below.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Viewing General and Statistical Information General Information The General information screen provides a summary of the current WAG302 configuration settings. From the main Menu of the browser interface, click General to view the System Status screen, shown below.
Page 60
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 This screen shows the following parameters: Table 4-1. General Information Fields Field Description Access Point Information Access Point Name The default name may be changed if desired. (NetBIOS name)
Page 61
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Table 4-1. General Information Fields Field Description Current Wireless Settings 11b/g Access Point Mode Identifies the operating mode of the WAG302: Access Point, Point-to-point bridge, Multi-point bridge or Repeater.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Statistics The Information - Statistics screen provides various LAN and WLAN statistics. Figure 4-5: Wireless Access Point Status screen Table 4-1. Statistics Fields Field Description Wired Ethernet Received/Transmitted Packets The number of packets sent since the WAG302 was restarted.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Table 4-1. Statistics Fields (continued) Field Description Wireless 11b/g Received/Transmitted Unicast Packets The Unicast packets sent since the WAG302 was restarted. Broadcast Packets The Broadcast packets sent since the WAG302 was restarted.
The firmware upgrade must be performed via a workstation connected to the WAG302 via the Ethernet LAN interface. The software of the WAG302 Access Point is stored in FLASH memory, and can be upgraded as new software is released by NETGEAR. Upgrade files can be downloaded from Netgear's Web site.
Browse button to locate the file. When you have located it, click the Retrieve button to upload the file. After completing the upload, the WAG302 will reboot automatically. Restoring the WAG302 to the Factory Default Settings It is sometimes desirable to restore the wireless access point to the factory default settings.
Continue holding the Reset Button until the LEDs blink twice. Release the Reset Button. The factory default configuration has now been restored and the WAG302 is ready for use. Rebooting the Access Point Click Reboot AP under Management on the main menu.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Changing the Administrator Password The default password is password. Change this password to a more secure password. You cannot change the administrator login name. From the main menu of the browser interface, under the Management heading, click Change Password to bring up the menu shown below.
Page 68
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 4-14 Management 202-10078-01...
This chapter describes how to configure the advanced features of your WAG302 ProSafe Dual Band Wireless Access Point: • IP Settings: Use the AP as a DHCP server for wireless clients. • Wireless Settings: Set up AutoCell and configure advanced wireless LAN parameters.
Page 70
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Figure 5-1: Advanced IP Settings for Wireless Clients screen You may configure the Advanced IP Settings for Wireless Clients if you are a network system administrator. • Use AP as DHCP Server: You may turn on this option and the Access Point will function as a DHCP Server for Wireless Clients only.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 – Subnet Mask: The Access Point will assign the specified subnet mask to the connected wireless stations. – Gateway Address: The Access Point will assign this IP address as the default gateway for any traffic beyond the local network.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Advanced Wireless Settings 11a menu Figure 5-2: Advanced Wireless Settings menus for 11a and 11b/g AutoCell RF Management AutoCell provides advanced RF wireless management features that improve performance and enhance security.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Configuration Figure 5-3: Advanced Wireless Settings screen AutoCell Setup options The advanced wireless settings are as follows: • AutoCell Auto RF Management: AutoCell discovers other Wi-Fi devices and includes them in its inventory, then tunes the network to avoid interference and maximize performance.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Enhanced RF Security ‘Stealth Mode’ Note: Broadcast Wireless Network Name (SSID) is automatically turned off when you select the AutoCell Enhanced RF Security option. In this mode, AutoCell shrinks the size of coverage to the minimum to reach clients but also shrinks the size of the beacons that access points use to announce their presence.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Additional AutoCell View Management Options Figure 5-4: AutoCell View wireless network AutoCell View is an available management tool that provides sophisticated views of your wireless network and enables managing the wireless communications easily from a simple console.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Configuring Wireless LAN Parameters The default advanced wireless LAN parameter settings usually work well. If you want the AP to operate in Super-A/G mode, use this feature. Figure 5-5: Advanced Wireless Settings screen The wireless LAN parameters are as follows: •...
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Enabling Wireless Bridging and Repeating The WAG302 ProSafe Dual Band Wireless Access Point lets you build large bridged wireless networks. Advanced Access Point Settings 11a menu Figure 5-6: Advanced Wireless Settings Access Point Mode settings (11a and 11b/g) Select the desired Access Point mode for your environment: •...
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 • Wireless Point-to-Multi-Point Bridge: Select this only if this WAG302 is the "Master" for a group of Bridge-mode Wireless Stations. The other Bridge-mode Wireless Stations must be set to Point-to-Point Bridge mode, using this WAG302's MAC address.
WAG302 (AP1) on LAN Segment 1 in Point-to-Point Bridge mode with the Remote MAC Address of AP2. • Because it is in the central location, configure WAG302 (AP2) on LAN Segment 2 in Point-to-Multi-Point Bridge mode. The MAC addresses of the adjacent APs are required in AP2.
Page 80
All APs must be on the same LAN. That is, all the APs LAN IP address must be in the same network. • If using DHCP, all WAG302 Access Points should be set to “Obtain an IP address automatically (DHCP Client)” in the IP Address Source portion of the Basic IP Settings menu.
Figure 5-9: Multi-Point bridging Configure the Operating Mode of the WAG302 Access Points. • WAG302 (AP1) on LAN Segment 1 in Repeater mode with the Remote MAC Address of AP2. • Configure WAG302 (AP2) in Repeater mode with MAC addresses of AP1 and AP3.
Page 82
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 A computer on any LAN segment should be able to connect to the Internet or share files and printers with any other PCs or servers connected to any of the three WLAN segments.
If it is plugged directly into the wall, verify that it is not a switched outlet. • Make sure you are using the correct NETGEAR power adapter supplied with your access point. Troubleshooting Troubleshooting 3-5.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 The Wireless LAN activity light does not light up. The access point’s antennae are not working. • If the Wireless LAN activity light stays off, disconnect the adapter from its power source and then plug it in again.
Mask of 255.255.255.0 with DHCP disabled. Make sure your network configuration settings are correct. • If you are using the NetBIOS name of the WAG302 to connect, ensure that your computer and the WAG302 are on the same network segment or that there is a WINS server on your network.
Use something with a small point, such as a pen, to press the Reset button in and hold it in for at least 5 seconds. Release the Reset button. The factory default configuration has now been restored, and the WAG302 is ready for use. 2-7) has two functions: 202-10078-01...
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 This appendix provides technical specifications for the WAG302 ProSafe Dual Band Wireless Access Point. Specifications for the WAG302 Parameter WAG302 ProSafe Dual Band Wireless Access Point 802.11a Data Rates 6, 9, 12, 18, 24, 36, 48, 54, and 108 Mbps (Auto-rate capable) 802.11a...
Page 88
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Specifications 202-10078-01...
This chapter provides an overview of Wireless networking. Wireless Networking Overview The WAG302 Access Point conforms to the Institute of Electrical and Electronics Engineers (IEEE) 802.11a, 802.11b, and 802.11g standards for wireless LANs (WLANs). • IEEE 802.11a uses Orthogonal Frequency Division Multiplexing (OFDM), a new encoding scheme that offers certain benefits over a spread spectrum in channel availability and data rate.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 In the infrastructure mode, the wireless access point converts airwave data into wired Ethernet data, acting as a bridge between the wired LAN and wireless clients. Connecting multiple Access Points via a wired Ethernet backbone can further extend the wireless network coverage.
The 802.11 standard defines several services that govern how two 802.11 devices communicate. The following events must occur before an 802.11 Station can communicate with an Ethernet network through an access point, such as the one built in to the WAG302: Turn on the wireless station.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 • Shared Key Authentication requires that the station and the access point have the same WEP Key to authenticate. These two authentication procedures are described below. Open System Authentication The following steps occur when two devices use Open System Authentication: The station sends an authentication request to the access point.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 The station connects to the network. If the decrypted text does not match the original challenge text (the access point and station do not share the same WEP Key), then the access point will refuse to authenticate the station and the station will be unable to communicate with either the 802.11 network or Ethernet network.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 3. Use WEP for Authentication and Encryption: A transmitting 802.11 device encrypts the data portion of every packet it sends using a configured WEP Key. The receiving device decrypts the data using the same WEP Key.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Table B-1: Encryption Key Sizes Encryption Key Size # of Hexadecimal Digits 64-bit (24+40) 128-bit (24+104) Note: Typically, 802.11 access points can store up to four 128-bit WEP Keys but some 802.11 client adapters can only store one.
Page 96
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 channels are 5 MHz apart. However, due to spread spectrum effect of the signals, a node sending signals using a particular channel will utilize frequency spectrum 12.5 MHz above and below the center channel frequency.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 802.11a Wireless Channels IEEE 802.11a utilizes 300 MHz of bandwidth in the 5 GHz Unlicensed National Information Infrastructure (U-NII) band. Though the lower 200 MHz is physically contiguous, the FCC has divided the total 300 MHz into three distinct domains, each with a different legal maximum power output.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 The WAG302 user can use five channels in turbo mode. Table B-4: 802.11a Turbo Mode Off Radio Frequency Channels (Turbo Mode ON) Channel The available channels supported by the wireless products in various countries are different.
Access products. Starting August of 2003, all new Wi-Fi certified products will have to support WPA. NETGEAR will implement WPA on client and access point products and make this available in the second half of 2003. Existing Wi-Fi certified products will have one year to add WPA support or they will lose their Wi-Fi certification.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 How Does WPA Compare to IEEE 802.11i? WPA will be forward compatible with the IEEE 802.11i security specification currently under development. WPA is a subset of the current 802.11i draft and uses certain pieces of the 802.11i draft that are ready to bring to market today, such as 802.1x and TKIP.
Page 101
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 The primary information conveyed in the Beacon frames is the authentication method and the cipher suite. Possible authentication methods include 802.1X and Pre-shared key. Pre-shared key is an authentication method that uses a statically configured pass phrase on both the stations and the access point.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS Wireless LAN WPA enabled Access Point enabled wireless pre-shared key client with “supplicant” 802.1x Figure B-3: WPA Overview IEEE 802.1x offers an effective framework for authenticating and controlling user traffic to a protected network, as well as providing a vehicle for dynamically varying data encryption keys via EAP from a RADIUS server, for example.
Page 103
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Client with a WPA- enabled wireless adapter and supplicant (Win XP, Funk, Meetinghouse) Figure B-4: 802.1x Authentication Sequence The AP sends Beacon Frames with WPA information element to the stations in the service set.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Temporal Key Integrity Protocol (TKIP) WPA uses TKIP to provide important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism.
Product Support for WPA Starting in August, 2003, NETGEAR, Inc. wireless Wi-Fi certified products will support the WPA standard. NETGEAR, Inc. wireless products that had their Wi-Fi certification approved before August, 2003 will have one year to add WPA so as to maintain their Wi-Fi certification.
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Changes to Wireless Access Points Wireless access points must have their firmware updated to support the following: • The new WPA information element To advertise their support of WPA, wireless APs send the beacon frame with a new 802.11 WPA information element that contains the wireless AP's security configuration (encryption algorithms and wireless security configuration information).
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Microsoft has worked with many wireless vendors to embed the WPA firmware update in the wireless adapter driver. So, to update your Microsoft Windows wireless client, all you have to do is obtain the new WPA-compatible driver and install the driver.
The WAG302 ProSafe Dual Band Wireless Access Point (AP) can be configured either through the command line interface (CLI), a Web browser, or an MIB browser. The CLI allows viewing and modification of the configuration from a terminal or PC through a telnet connection.
Page 110
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 get set del keyword --- --- --- ---------------------- ------------------------------- [X] [X] |-wins [X] [X] | |-primary [X] [X] | ‘-secondary [X] [X] ‘-lease [X] [X] radius [X] [X]...
Page 111
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 get set del keyword --- --- --- ---------------------- ------------------------------- [X] [X] |-antenna [X] [X] |-fragmentationthreshold--wireless fragmentation threshold(even [X] [X] |-rtsthreshold [X] [X] |-beaconinterval [X] [X] |-dtim [X] [X]...
Page 112
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 get set del keyword --- --- --- ---------------------- ------------------------------- [X] [X] |-sec [X] [X] ‘-pkt [X] [X] ‘-autocell [X] [X] |-mode [X] [X] |-super privacy [X] [X] ‘-refresh...
Glossary Use the list below to find definitions for technical terms used in this manual. 10BASE-T IEEE 802.3 specification for 10 Mbps Ethernet over twisted pair wiring. 100BASE-Tx IEEE 802.3 specification for 100 Mbps Ethernet over twisted pair wiring. 802.1x 802.1x defines port-based, network access control used to provide authenticated network access and automated data encryption key management.
Page 114
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Address Resolution Protocol, a TCP/IP protocol used to convert an IP address into a physical address (called a DLC address), such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its physical hardware address.
Page 115
.com, .edu, .uk, etc. For example, in the address mail.NETGEAR.com, mail is a server name and NETGEAR.com is the domain. Short for digital subscriber line, but is commonly used in reference to the asymmetric version of this technology (ADSL) that allows data to be sent over existing copper telephone lines at data rates of from 1.5...
Page 116
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Internet Protocol is the main internetworking protocol used in the Internet. Used in conjunction with the Transfer Control Protocol (TCP) to form TCP/IP. IP Address A four-byte number uniquely defining each host on the Internet, usually written in dotted-decimal notation with periods separating the bytes (for example, 134.177.244.57).
Page 117
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 A technique by which several hosts share a single IP address for access to the Internet. NetBIOS for sharing services Network Basic Input Output System. An application programming interface (API) and information on l ocal-area networks (LANs).
Page 118
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 SSID A Service Set Identification is a thirty-two character (maximum) alphanumeric key identifying a wireless local area network. For the wireless devices in a network to communicate with each other, all devices must be configured with the same SSID.
Page 119
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 If a remote network contains a WINS server, your Windows PCs can gather information from that WINS server about its local hosts. This allows your PCs to browse that remote network using the Windows Network Neighborhood feature.
Page 120
Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302 Glossary 202-10078-01...
Need help?
Do you have a question about the WAG302 and is the answer not in the manual?
Questions and answers