Summary of Contents for ZyXEL Communications ZyXEL ZyAIR B-1000
Page 1
ZyAIR Access Point Series User's Guide Version 3.50 October 2003...
Page 2
Trademarks ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Federal Communications Commission This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations.
ZyAIR Access Point Series User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or...
Copyright... ii Federal Communications Commission (FCC) Interference Statement...iii ZyXEL Limited Warranty ... iv Customer Support... v List of Figures ... xi List of Tables ... xv Preface ... xvii OVERVIEW...I Chapter 1 Getting to Know Your ZyAIR...1-1 Introducing the ZyAIR Access Point Series ...1-1 ZyAIR Features...1-1 Applications for the ZyAIR ...1-6 1.3.1...
Page 8
Configuring IP ...8-2 LOGS ...III Chapter 9 Logs Screens ...9-1 Configuring View Log...9-1 Configuring Log Settings...9-2 MAINTENANCE...IV Chapter 10 Maintenance ...10-1 10.1 Maintenance Overview ...10-1 10.2 System Status Screen ...10-1 10.2.1 System Statistics ...10-2 10.3 Wireless Screen...10-3 10.3.1 Association List ...10-3 10.3.2 Channel Usage ...10-4 10.4 F/W Upload Screen...10-7...
Page 9
16.1 About SNMP...16-1 16.2 Supported MIBs ...16-2 16.3 SNMP Configuration ...16-2 16.4 SNMP Traps...16-3 Chapter 17 System Security ...17-1 17.1 System Security...17-1 17.1.1 System Password...17-1 17.1.2 Configuring External RADIUS Server...17-1 17.1.3 802.1x...17-3 Chapter 18 System Information and Diagnosis...18-1 18.1 System Status ...18-1 18.2 System Information...18-3 18.2.1 System Information ...18-3...
Page 10
ZyAIR Access Point Series User’s Guide Appendix F Types of EAP Authentication ... F-1 Appendix G Power over Ethernet Specifications ...G-1 Appendix H Antenna Selection and Positioning Recommendation...H-1 Appendix I PPPoE ... I-1 Appendix J PPTP...J-1 Appendix K IP Subnetting ...K-1 Appendix L Command Interpreter ...
ZyAIR Access Point Series User’s Guide List of Figures Figure 1-1 PoE Installation Example ... 1-3 Figure 1-2 WDS Functionality Example... 1-5 Figure 1-3 Internet Access Application... 1-7 Figure 1-4 Corporation Network Application ... 1-7 Figure 2-1 Change Password Screen... 2-1 Figure 2-2 The MAIN MENU Screen of the Web Configurator...
Page 12
ZyAIR Access Point Series User’s Guide Figure 9-2 Log Settings ...9-3 Figure 10-1 System Status ...10-1 Figure 10-2 System Status: Show Statistics...10-2 Figure 10-3 Association List...10-4 Figure 10-4 Channel Usage (ZyAIR B-1000)...10-5 Figure 10-5 Channel Usage ...10-6 Figure 10-6 Firmware Upload ...10-7 Figure 10-7 Firmware Upload In Process ...10-8 Figure 10-8 Network Temporarily Disconnected...10-8 Figure 10-9 Firmware Upload Error ...10-9...
Page 13
ZyAIR Access Point Series User’s Guide Figure 17-3 Menu 23.2 System Security : RADIUS Server ... 17-2 Figure 17-4 Menu 23 System Security... 17-3 Figure 17-5 Menu 23.4 System Security : IEEE802.1x ... 17-4 Figure 18-1 Menu 24 System Maintenance ... 18-1 Figure 18-2 Menu 24.1 System Maintenance : Status...
ZyAIR Access Point Series User’s Guide List of Tables Table 1-1 Model Specific Features... 1-1 Table 3-1 Wizard 1 : General Setup ... 3-3 Table 3-2 Wizard 2 : Wireless LAN Setup ... 3-4 Table 3-3 Private IP Address Ranges ... 3-5 Table 3-4 Wizard 3 : IP Address Assignment ...
Page 16
ZyAIR Access Point Series User’s Guide Table 13-6 Menu 3.5.3.1 ESS x Configuration...13-10 Table 13-7 Menu 3.5.4 Bridge Link Configuration ...13-12 Table 14-1 Menu 14.1- Edit Dial-in User ...14-2 Table 15-1 Menu 16 VLAN Setup...15-1 Table 16-1 Menu 22 SNMP Configuration ...16-3 Table 16-2 SNMP Traps...16-4 Table 16-3 Ports and Interface Types...16-4 Table 17-1 Menu 23.2 System Security : RADIUS Server...17-2...
Congratulations on your purchase from the ZyAIR Access Point (AP) series. An AP acts as a bridge between the wireless and wired networks, extending your existing wired network without any additional wiring. Some features are not available in every model. Refer to the Model Specific Features table in Chapter 1 of this user’s guide to see what features are specific to This User’s Guide is designed to guide you through the configuration of your ZyAIR using the web configurator or the SMT.
Page 18
Help us help you. E-mail all User Guide-related comments, questions or suggestions for improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you.
Overview OVERVIEW This part introduces the main features and applications of ZyAIR and shows how to access the web configurator and use the Wizard to configure for Internet Access.
Introducing the ZyAIR Access Point Series The ZyAIR Access Point extends the range of your existing wired network without any additional wiring efforts. The ZyAIR provides easy network access to mobile users. The ZyAIR offers highly secured wireless connectivity to your wired network with IEEE 802.1x, WEP data encryption and MAC address filtering. The ZyAIR is easy to install and configure.
FEATURES Power over Ethernet Bridge/Repeater AP & WDS (Wireless Distribution System) Support Concurrently Table Key: An “O” in a model’s column shows that the model has the specified feature. A number specific to an individual model may alternately be displayed. The information in this table was correct at the time of writing, although it may be subject to change.
Bridge/Repeater A Bridge/Repeater link LED turns steady on green when your ZyAIR acts as a bridge, establishing a wireless link to another AP. It turns steady on orange when your ZyAIR acts as a repeater, establishing wireless links to two or more APs. Power over Ethernet (PoE) Power over Ethernet (PoE) is the ability to provide power to your ZyAIR via an 8-pin CAT 5 Ethernet cable, eliminating the need for a nearby power source.
ZyAIR Access Point Series User’s Guide The ZyAIR may be prone to RF (Radio Frequency) interference from other 2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth enabled devices, and other wireless LANs. Output Power Management Output Power Management is the ability to set the level of output power. There may be interference or difficulty with channel assignment when there is a high density of APs within a coverage area.
ZyAIR Access Point Series User’s Guide Wireless LAN MAC Address Filtering Your ZyAIR checks the MAC address of the wireless station against a list of allowed or denied MAC addresses. IEEE 802.1x Network Security The ZyAIR supports the IEEE 802.1x standard to enhance user authentication. Use the built-in user profile database to authenticate up to 32 users using MD5 encryption.
(System Management Terminal) interface. The SMT is a menu-driven interface that you can access from a terminal emulator over a telnet connection. Logging and Tracing ♦ Built-in message logging and packet tracing. ♦ Unix syslog facility support. Embedded FTP and TFTP Servers The ZyAIR’s embedded FTP and TFTP servers enable fast firmware upgrades as well as configuration file backups and restoration.
ZyAIR Access Point Series User’s Guide Figure 1-3 Internet Access Application 1.3.2 Corporation Network Application In situations where users are always on the move in the coverage area but still need access to corporate network access, the ZyAIR is an ideal solution for wireless stations to connect to the corporate network without expensive network cabling.
Introducing the Web Configurator This chapter describes how to access the ZyAIR web configurator and provides an overview of its Accessing the ZyAIR Web Configurator Step 1. Make sure your ZyAIR hardware is properly connected (refer to the Quick Installation Guide). Step 2.
The ZyAIR automatically times out after five minutes of inactivity. Simply log back Resetting the ZyAIR If you forget your password or cannot access the ZyAIR, you will need to reload the factory-default configuration file or use the RESET button on the top panel of the ZyAIR. Uploading this configuration file replaces the current configuration file with the factory-default configuration file.
Navigating the ZyAIR Web Configurator We use the ZyAIR B-3000 web configurator in this guide as an example. The web configurator screens for your model may vary slightly for different ZyAIR models. The following summarizes how to navigate the web configurator from the MAIN MENU screen. Follow the instructions you see in the MAIN MENU screen or click the (located in the top right corner of most screens) to view online help.
ZyAIR Access Point Series User’s Guide Chapter 3 Wizard Setup This chapter provides information on the Wizard Setup screens in the web configurator. Wizard Setup Overview The web configurator’s setup wizard helps you configure your ZyAIR for wireless stations to access your wired LAN.
ZyAIR Access Point Series User’s Guide Wizard Setup: General Setup General Setup contains administrative and system-related information. Figure 3-1 Wizard 1 : General Setup The following table describes the labels in this screen. Wizard Setup...
LABEL System Name It is recommended you type your computer's "Computer name". In Windows 95/98 click Start, Settings, Control Panel, Network. Click the Identification tab, note the entry for the Computer Name field and enter it as the System Name. In Windows 2000, click Start, Settings, Control Panel and then double-click System.
The following table describes the labels in this screen. LABEL Wireless LAN Setup ESSID Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN. If you change this field on the ZyAIR, make sure all wireless stations use the same ESSID in order to access the network.
Table 3-2 Wizard 2 : Wireless LAN Setup LABEL WEP Encryption Select Disable allows all wireless computers to communicate with the access points without any data encryption. Select 64-bit WEP or 128-bit WEP to allow data encryption. ASCII Select this option in order to enter ASCII characters as the WEP keys. Select this option to enter hexadecimal characters as the WEP keys.
ZyAIR Access Point Series User’s Guide You can obtain your IP address from the IANA, from an ISP or have it assigned by a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks.
Figure 3-3 Wizard 3 : IP Address Assignment The following table describes the labels in this screen. Table 3-4 Wizard 3 : IP Address Assignment LABEL IP Address Assignment Get automatically Select this option if your ZyAIR is using a dynamically assigned IP address from a DHCP server each time.
Table 3-4 Wizard 3 : IP Address Assignment LABEL Gateway IP Address Type the IP address of the gateway. The gateway is an immediate neighbor of your ZyAIR that will forward the packet to the destination. On the LAN, the gateway must be a router on the same segment as your ZyAIR;...
Page 41
ZyAIR Access Point Series User’s Guide Well done! You have successfully set up your ZyAIR to operate on your network and access the Internet. Wizard Setup...
System, Wireless, VLAN and IP Part II: SYSTEM, WIRELESS, VLAN AND IP This part covers the information and web configurator screens of System, Wireless, VLAN and IP.
System Overview This section provides information on general system setup. Configuring General Setup Click ADVANCED and then SYSTEM to open the General screen. The following table describes the labels in this screen. System Screens ZyAIR Access Point Series User’s Guide This chapter provides information on the System screens.
LABEL System Name Type a descriptive name to identify the ZyAIR in the Ethernet network. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes "-" and underscores "_" are accepted. Domain Name This is not a required field. Leave this field blank or enter the domain name here if you know it.
The following table describes the labels in this screen. LABEL Old Password Type in your existing system password (1234 is the default password). New Password Type your new system password (up to 31 characters). Note that as you type a password, the screen displays an asterisk (*) for each character you type.
The following table describes the labels in this screen. LABEL Time Protocol Select the time service protocol that your time server sends when you turn on the ZyAIR. Not all time servers support all protocols, so you may have to check with your ISP/network administrator or use trial and error to find a protocol that works.
Page 49
LABEL Time Server Enter the IP address or the URL of your time server. Check with your ISP/network Address administrator if you are unsure of this information. Current Time This field displays the time of your ZyAIR. (hh:mm:ss) Each time you reload this page, the ZyAIR synchronizes the time with the time server.
ZyAIR Access Point Series User’s Guide Chapter 5 Wireless Configuration and Roaming This chapter discusses how to configure Wireless and Roaming screens on the ZyAIR. Some features such as Multiple-ESS are not available on all models. Wireless LAN Overview This section introduces the wireless LAN (WLAN) and some basic scenarios. 5.1.1 IBSS An Independent Basic Service Set (IBSS), also called an Ad-hoc network, is the simplest WLAN configuration.
ZyAIR Access Point Series User’s Guide Figure 5-2 Basic Service set 5.1.3 ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS).
ZyAIR Access Point Series User’s Guide Figure 5-3 Extended Service Set Wireless LAN Basics Refer also to the Wizard Setup chapter for more background information on Wireless LAN features, such as channels. 5.2.1 RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other.
ZyAIR Access Point Series User’s Guide Figure 5-4 RTS/CTS When station A sends data to the ZyAIR, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
ZyAIR Access Point Series User’s Guide A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference. If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size.
The following table describes the general wireless LAN labels in this screen. LABEL Operating Mode Select the operating mode from the drop-down list. Options are Access Point, Multiple ESS and Bridge. The screen changes when you select Multiple ESS or Bridge in this field. Refer to the Multiple ESS and VLAN chapter for more information on multiple ESS.
Configuring Bridge The ZyAIR can function as a wireless network bridge allowing you to wirelessly connect two wired network segments. You need to know the MAC address of the peer device, which also must be in bridge mode. In the example below, Computers B and C will be able to communicate with Computer A through the ZyAIR bridges, forming a Wireless Distribution System (WDS).
ZyAIR Access Point Series User’s Guide Figure 5-8 Bridge Loop: Bridge Connected to Wired LAN To prevent bridge loops, ensure that your ZyAIR is not set to bridge mode while connected to both wired and wireless segments of the same LAN. Click ADVANCED and WIRELESS.
The following table describes the bridge labels in this screen. LABEL Operating Mode Select Bridge in this field to display the screen as shown in Figure 5-9. Peer Bridge Type the MAC address of the peer device in a valid MAC address format, that is, six MAC Address hexadecimal character pairs, for example, 12:34:56:78:9a:bc.
ZyAIR Access Point Series User’s Guide Configuring Roaming A wireless station is a device with an IEEE 802.11b compliant wireless adapters. An access point (AP) acts as a bridge between the wireless and wired networks. An AP creates its own wireless coverage area. A wireless station can associate with a particular access point only if it is within the access point’s coverage area.
The steps below describe the roaming process. Step 1. As wireless station Y moves from the coverage area of access point AP 1 to that of access point AP 2, it scans and uses the signal of access point AP 2. Step 2.
LABEL Active Select Yes from the drop-down list box to enable roaming on the ZyAIR if you have two or more ZyAIRs on the same subnet. All APs on the same subnet and the wireless stations must have the Port # Enter the port number to communicate roaming information between access points.
This chapter describes how to use the MAC Filter, 802.1x, Local User Database and RADIUS to Wireless Security Overview Wireless security is vital to your network to protect wireless communication between wireless stations, access points and the wired network. The figure below shows the possible wireless security levels on your ZyAIR. The highest security level relies on EAP (Extensible Authentication Protocol) for authentication and utilizes dynamic WEP key exchange.
6.2.2 Authentication Three different methods can be used to authenticate wireless stations to the network: Open System, Shared Key, and Auto. The following figure illustrates the steps involved. Wireless Station Open System Authentication Open System Request Shared Key Authentication Shared Key Request Encrypted Challenge Text Open system authentication involves an unencrypted two-message procedure.
ZyAIR Access Point Series User’s Guide When your ZyAIR's authentication method is set to open system, it will only accept open system authentication requests. The same is true for shared key authentication. However, when it is set to auto authentication, the ZyAIR will accept either type of authentication request and the ZyAIR will fall back to use open authentication if the shared key does not match.
The following table describes the wireless LAN security labels in this screen. LABEL Select Disable to allow wireless stations to communicate with the access points without Encryption any data encryption. Select 64-bit WEP or 128-bit WEP to enable data encryption. Authentication Select Auto, Open System or Shared Key from the drop-down list box.
ZyAIR Access Point Series User’s Guide Table 6-1 Wireless LABEL DESCRIPTION Reset Click Reset to begin configuring this screen afresh. MAC Filter The MAC filter screen allows you to configure the ZyAIR to give exclusive access to up to 32 devices (Allow Association) or exclude up to 32 devices from accessing the ZyAIR (Deny Association).
ZyAIR Access Point Series User’s Guide Figure 6-4 MAC Address Filter The following table describes the labels in this screen. Table 6-2 MAC Address Filter LABEL DESCRIPTION Active Select Yes from the drop down list box to enable MAC address filtering. Wireless Security...
LABEL Filter Action Define the filter action for the list of MAC addresses in the MAC address filter table. Select Deny Association to block access to the router, MAC addresses not listed will be allowed to access the router. Select Allow Association to permit access to the router, MAC addresses not listed will be denied access to the router.
• Access-Reject Sent by a RADIUS server rejecting access. • Access-Accept Sent by a RADIUS server allowing access. • Access-Challenge Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access-Request message. The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting: •...
Wireless Station The details below provide a general description of how IEEE 802.1x EAP authentication works. For an example list of EAP-MD5 authentication steps, see the IEEE 802.1x appendix. • The wireless station sends a “start” message to the ZyAIR. •...
Introduction to Local User Database By storing user profiles locally on the ZyAIR, your ZyAIR is able to authenticate wireless users without interacting with a network RADIUS server. However, there is a limit on the number of users you may authenticate in this way.
LABEL Wireless Port To control wireless stations access to the wired network, select a control method from Control the drop-down list box. Choose from No Authentication Required, Authentication Required and No Access Allowed. No Authentication Required allows all wireless stations access to the wired network without entering usernames and passwords.
Page 74
LABEL Authentication This field is activated only when you select Authentication Required in the Wireless Databases Port Control field. The authentication database contains wireless station login information. The local user database is the built-in database on the ZyAIR. The RADIUS is an external server.
ZyAIR Access Point Series User’s Guide 6.10 Configuring Local User Database To change your ZyAIR’s local user database, click ADVANCED, WIRELESS and then the Local User Database tab. The screen appears as shown. Figure 6-7 Local User Database Wireless Security 6-13...
The following table describes the labels in this screen. LABEL Active Select this check box to activate the user profile. User Name Enter the username (up to 31 characters) for this user profile. Password Type a password (up to 31 characters) for this user profile. Note that as you type a password, the screen displays a (*) for each character you type.
The following table describes the labels in this screen. LABEL Authentication Server Active Select Yes from the drop-down list box to enable user authentication through an external authentication server. Select No to enable user authentication using the local user profile on the ZyAIR. Server IP Address Enter the IP address of the external authentication server in dotted decimal notation.
Wireless LAN Infrastructures See the Wizard Setup and Wireless Configuration chapters for some basic WLAN scenarios and terminology. 7.1.1 Multiple ESS Traditionally, you needed different APs to configure different ESSs. As well as the cost of buying extra APs, there was also the possibility of channel interference. The ZyAIR’s Multiple ESS (Multi-ESS) function allows multiple ESSs to be configured on just one access point (the ZyAIR).
ZyAIR Access Point Series User’s Guide Station 1 relays communications via the ZyAIR within the Multi-ESS coverage area and with AP X if it moves to the RD ESS coverage area. Similarly, station 2 relays communications via the ZyAIR within the Multi-ESS coverage area and with AP Y if it moves to the Sales ESS coverage area.
ZyAIR Access Point Series User’s Guide If no devices are in the management VLAN, then no one will be able to access the ZyAIR and you will have to restore the default configuration file. 7.2.2 Multi-ESS with VLAN Example In this example, VLAN 2 is the management VLAN and includes the computers in ESS1 and LAN 1. Computers in ESS2 and LAN 2 belong to VLAN 2.
ZyAIR Access Point Series User’s Guide Figure 7-3 Wireless : Multiple ESS The following table describes the labels in this screen. Multiple ESS and VLAN...
LABEL Operating Mode Select Multiple ESS in this field to display the screen as shown in Figure 7-3. Choose Channel ID Set the operating frequency/channel depending on your particular region. To manually set the ZyAIR to use a channel, select a channel from the drop- down list box.
The following table describes the labels in this screen. LABEL ESSID Enter a descriptive name (up to 32 alphanumeric characters) for identification purposes. This name is case sensitive. Active Select this check box to activate this ESS. VLAN ID Enter a number from 1 to 255. ASCII Select this option to enter ASCII characters as the WEP keys.
LABEL Unicast WEP key Key 1 or Key 2 Key 1 or key 2 is used to encrypt unicast transmissions. If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F"). If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal characters ("0-9", "A-F").
The following table describes the labels in this screen. LABEL This is the index number of each ESS. ESSID This is the identification name of each ESS. Status This field displays Disable if the MAC filter is inactive, Association Allowed if the MAC filter is active and filter action is allowed or Association Denied if the MAC filter is active but filter action is denied.
The following table describes the labels in this screen. LABEL Enable VLAN Tagging Select this check box to turn on VLAN tagging. Management VLAN ID Enter a number from 1 to 255 to define this VLAN group. At least one device in your network must belong to this VLAN group in order to manage the ZyAIR.
Factory Ethernet Defaults The Ethernet parameters of the ZyAIR are preset in the factory with the following values: • IP address of 192.168.1.2 • Subnet mask of 255.255.255.0 (24 bits) These parameters should work for the majority of installations. TCP/IP Parameters 8.2.1 IP Address and Subnet Mask Refer to the IP Address and Subnet Mask section in the Wizard Setup chapter for this information.
ZyAIR Access Point Series User’s Guide Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, Address Allocation for Private Internets and RFC 1466, Guidelines for Management of IP Address Space.
Page 91
LABEL Get automatically Select this option if your ZyAIR is using a dynamically assigned IP address from a DHCP server each time. Use fixed IP address Select this option if your ZyAIR is using a static IP address. When you select this option, fill in the fields below.
ZyAIR Access Point Series User’s Guide Chapter 9 Logs Screens This chapter contains information about configuring general log settings and viewing the ZyAIR’s logs. Refer to the appendix for example log message explanations. Configuring View Log The web configurator allows you to look at all of the ZyAIR’s logs in one location. Click ADVANCED and then LOGS to open the View Log screen.
The following table describes the labels in this screen. LABEL Display Select a log category from the drop down list box to display logs within the selected category. To view all logs, select All Logs. The number of categories shown in the drop down list box depends on the selection in the Log Settings page.
ZyAIR Access Point Series User’s Guide Figure 9-2 Log Settings The following table describes the labels in this screen. Table 9-2 Log Settings LABEL DESCRIPTION Address Info Logs Screens...
Page 97
ZyAIR Access Point Series User’s Guide LABEL Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below. If this field is left blank, logs and alert messages will not be sent via e-mail.
Page 98
LABEL Send Immediate Alert Select the categories of alerts for which you want the ZyAIR to immediately send e-mail alerts. Apply Click Apply to save your customized settings and exit this screen. Reset Click Reset to reconfigure all the fields in this screen. Logs Screens ZyAIR Access Point Series User’s Guide Table 9-2 Log Settings...
This chapter displays system information such as ZyNOS firmware, port IP addresses and port 10.1 Maintenance Overview The maintenance screens can help you view system information, upload new firmware, manage configuration and restart your ZyAIR. 10.2 System Status Screen Click MAINTENANCE to open the System Status screen, where you can use to monitor your ZyAIR. Note that these labels are READ-ONLY and are meant to be used for diagnostic purposes.
LABEL ZyNOS Firmware This is the ZyNOS Firmware version and the date created. ZyNOS is ZyXEL's Version proprietary Network Operating System design. Routing Protocols This shows the routing protocol – BRIDGE for which the ZyAIR is configured. IP Address This is the Ethernet port IP address. IP Subnet Mask This is the Ethernet port subnet mask.
Table 10-2 System Status: Show Statistics LABEL Status This shows the port speed and duplex setting if you are using Ethernet encapsulation for the Ethernet port. This shows the transmission speed only for wireless port. TxPkts This is the number of transmitted packets on this port. RxPkts This is the number of received packets on this port.
The following table describes the labels in this screen. LABEL This is the index number of an associated wireless station. MAC Address This field displays the MAC address of an associated wireless station. Association Time This field displays the time a wireless station first associated with the ZyAIR. This field displays the ESS identification name to which the wireless station is associated.
Figure 10-4 Channel Usage (ZyAIR B-1000) The following table describes the labels in this screen. Table 10-4 Channel Usage (ZyAIR B-1000) LABEL This is the index number of the channel currently used by the associated AP in an Channel Infrastructure wireless network or wireless station in an Ad-Hoc wireless network. This field display Yes if the channel is used by another AP or Ad-hoc network within the Activity ZyAIR’s transmission range.
The following table describes the labels in this screen. LABEL This is the Service Set IDentification name of the AP in an Infrastructure wireless network or wireless station in an Ad-Hoc wireless network. For our purposes, we define an Infrastructure network as a wireless network that uses an AP and an Ad-Hoc network SSID (also known as Independent Basic Service Set (IBSS)) as one that doesn’t.
LABEL “Network mode” in this screen refers to your wireless LAN infrastructure (refer to the Wireless LAN chapter) and WEP setup. Network Mode Network modes are: Infrastructure (same as an extended service set ESS)), Infrastructure with WEP (WEP encryption is enabled), Ad-Hoc (same as an independent basic service set IBSS)), or Ad-Hoc with WEP.
LABEL File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Click Browse... to find the .bin file you want to upload. Remember that you must decompress Browse...
ZyAIR Access Point Series User’s Guide If the upload was not successful, the following screen will appear. Click Return to go back to the F/W Upload screen. Figure 10-9 Firmware Upload Error 10.5 Configuration Screen The web configurator uses TFTP to transfer files. See the Firmware and Configuration File Maintenance chapter for transferring configuration files using FTP/TFTP commands.
ZyAIR Access Point Series User’s Guide Figure 10-10 Backup Configuration 10.5.2 Restore Configuration Restore configuration replaces your ZyAIR's current configuration with a previously saved configuration. Restore files (usually) have a .ROM extension, e.g., "zyair.rom". The system reboots automatically after the file transfer is complete and uses the configured values in the file.
LABEL Type in the location of the file you want to upload in this field or click Browse ... to find it. File Path Click Browse... to find the file you want to upload. Remember that you must decompress Browse... compressed (.ZIP) files before you can upload them.
ZyAIR Access Point Series User’s Guide If the upload was not successful, the following screen will appear. Click Return to go back to the Configuration screen. Figure 10-14 Configuration Upload Error 10.5.3 Back to Factory Defaults Clicking the Reset button in this section clears all user-entered configuration information and returns the ZyAIR to its factory defaults as shown on the screen.
ZyAIR Access Point Series User’s Guide Figure 10-16 Reset Warning Message You can also press the RESET button on the rear panel to reset the factory defaults of your ZyAIR. Refer to the Resetting the ZyAIR section for more information on the RESET button. Maintenance 10-13...
SMT Configuration Part V: SMT CONFIGURATION This part contains SMT (System Management Terminal) configuration and background information for features only configurable by SMT. See the web configurator parts of this guide for background information on features configurable by web configurator and SMT.
This chapter describes how to access the SMT and provides an overview of its menus 11.1 Connect to your ZyAIR Using Telnet The following procedure details how to telnet into your ZyAIR. Step 1. In Windows, click Start (usually in the bottom left corner), Run and then type “telnet 192.168.1.2”...
ZyAIR Access Point Series User’s Guide Figure 11-2 Menu 23.1 System Security : Change Password Step 4. Type your new system password in the New Password field (up to 30 characters), and press [ENTER]. Step 5. Re-type your new system password in the Retype to confirm field for confirmation and press [ENTER].
ZyAIR B-3000 Main Menu Menu 1 Menu 3 General Setup LAN Setup Menu 3.2 TCP/IP Setup Menu 3.5 Menu 3.5.1 Wireless LAN WLAN MAC Setup Address Filter Menu 3.5.3 Menu 3.5.3.1 ESS x Multiple ESS Configuration Configuration Menu 3.5.4 Bridge Link Configuration Menu 24.5 Menu 24.4...
ZyAIR Access Point Series User’s Guide 11.4 Navigating the SMT Interface The SMT (System Management Terminal) is the interface that you use to configure your ZyAIR. Several operations that you should be familiar with before you attempt to modify the configuration are listed in the table below.
Copyright (c) 1994 - 2003 ZyXEL Communications Corp. Getting Started 1. General Setup 3. LAN Setup Advanced Applications 14. Dial-in User Setup 16. VLAN Setup Figure 11-4 ZyAIR B-3000 SMT Main Menu 11.4.1 System Management Terminal Interface Summary MENU TITLE...
12.1 General Setup Menu 1 – General Setup contains administrative and system-related information (shown next). The System Name field is for identification purposes. It is recommended you type your computer's "Computer name". The Domain Name entry is what is propagated to the DHCP clients on the LAN. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the ZyAIR via DHCP.
ZyAIR Access Point Series User’s Guide FIELD System Name Choose a descriptive name for identification purposes. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes “-” and underscores "_" are accepted. Domain Name This is not a required field.
13.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 – LAN Setup. From the main menu, enter 3 to display menu 3. Detailed explanation about the LAN Setup menu is given in the next chapter. 13.2 TCP/IP Ethernet Setup Use menu 3.2 to configure your ZyAIR for TCP/IP.
ZyAIR Access Point Series User’s Guide Follow the instructions in the following table on how to configure the fields in this menu. FIELD IP Address Press [SPACE BAR] and then [ENTER] to select Dynamic to have the Assignment ZyAIR obtain an IP address from a DHCP server. You must know the IP address assigned to the ZyAIR (by the DHCP server) to access the ZyAIR again.
Operating Mode= Access Point ESSID= Wireless Hide ESSID= No Channel ID= CH01 2412MHz RTS Threshold= 2432 Frag. Threshold= 2432 WEP Encryption= Disable Default Key= N/A Key1= N/A Key2= N/A Key3= N/A Key4= N/A Authen. Method= N/A Press ENTER to Confirm or ESC to Cancel: The following table describes the fields in this menu.
Page 128
ZyAIR Access Point Series User’s Guide FIELD Select Disable to allow wireless stations to communicate with the access Encryption points without any data encryption. Select 64-bit WEP or 128-bit WEP to enable data encryption. Default Key Enter the key number (1 to 4) in this field. Only one key can be enabled at any one time.
13.3.1 Configuring MAC Address Filter Your ZyAIR checks the MAC address of the wireless station device against a list of allowed or denied MAC addresses. However, intruders could fake allowed MAC addresses so MAC-based authentication is less secure than EAP authentication. Follow the steps below to create the MAC address table on your ZyAIR.
ZyAIR Access Point Series User’s Guide ------------------------------------------------------------------------------ 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 ------------------------------------------------------------------------------ Figure 13-5 Menu 3.5.1 WLAN MAC Address Filter The following table describes the fields in this menu. Table 13-3 Menu 3.5.1 WLAN MAC Address Filter FIELD Active To enable MAC address filtering, press [SPACE BAR] to select Yes and press [ENTER].
13.3.2 Configuring Roaming Enable the roaming feature if you have two or more ZyAIRs on the same subnet. Follow the steps below to allow roaming on your ZyAIR. Step 1. From the main menu, enter 3 to display Menu 3 – LAN Setup. Step 2.
ZyAIR Access Point Series User’s Guide Table 13-4 Menu 3.5.2 Roaming Configuration FIELD Active Press [SPACE BAR] and then [ENTER] to select Yes to enable roaming on the ZyAIR if you have two or more ZyAIRs on the same subnet. Port # Type the port number to communicate roaming information between access points.
Number ------------------------------------------------------------------------------ Wireless CSOB1000 ------------------------------------------------------------------------------ WEP= 64-bit WEP Action= Edit ESS= 0 Figure 13-9 Menu 3.5.3 Multiple ESS Configuration The following table describes the fields in this menu. Table 13-5 Menu 3.5.3 Multiple ESS Configuration FIELD Press [SPACE BAR] to select 64-bit WEP or 128-bit WEP. Action Press [SPACE BAR] to select Edit or Delete.
ZyAIR Access Point Series User’s Guide Figure 13-10 Menu 3.5.3.1 ESS x Configuration The following table describes the fields in this menu. Table 13-6 Menu 3.5.3.1 ESS x Configuration FIELD ESSID Enter the descriptive name up to 32 alphanumeric characters for identification. This field is case sensitive.
Table 13-6 Menu 3.5.3.1 ESS x Configuration FIELD Edit MAC Address Each service set has its own MAC address filter. Refer to MAC Address Filter section Filter for details. When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel”...
ZyAIR Access Point Series User’s Guide ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ Figure 13-12 Menu 3.5.4 Bridge Link Configuration The following table describes the fields in this menu. Table 13-7 Menu 3.5.4 Bridge Link Configuration FIELD Active Press [SPACE BAR] to select Yes or No and press [ENTER]. Peer Type the MAC address of peer device in valid MAC address format, that is, Address...
14.1 Dial-in User Setup By storing user profiles locally, your ZyAIR is able to authenticate wireless users without interacting with a network RADIUS server. Follow the steps below to set up user profiles on your ZyAIR. Step 1. From the main menu, enter 14 to display Menu 14 - Dial-in User Setup. 1.
ZyAIR Access Point Series User’s Guide FIELD User Name Enter a username up to 31 alphanumeric characters long for this user profile. This field is case sensitive. Active Press [SPACE BAR] to select Yes and press [ENTER] to enable the user profile. Password Enter a password up to 31 characters long for this user profile.
This chapter explains VLAN Setup menu 16. Refer to the Multiple-ESS and VLAN chapter for background information on VLAN. This chapter is not available on all models. 15.1 VLAN Setup To setup VLAN, select option 16 from the main menu to open Menu 16 – VLAN Setup as shown next. The following table describes the fields in this menu.
ZyAIR Access Point Series User’s Guide Chapter 16 SNMP Configuration This chapter explains SNMP Configuration menu 22. 16.1 About SNMP Simple Network Management Protocol is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your ZyAIR supports SNMP agent functionality, which allows a manager station to manage and monitor the ZyAIR through the network.
ZyAIR Access Point Series User’s Guide An agent is a management software module that resides in a managed device (the ZyAIR). An agent translates the local management information from the managed device into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions. It executes applications that control and monitor managed devices.
Figure 16-2 Menu 22 SNMP Configuration The following table describes the SNMP configuration parameters. FIELD SNMP: Type the Get Community, which is the password for the incoming Get Community Get- and GetNext requests from the management station. Set Community Type the Set Community, which is the password for incoming Set requests from the management station.
ZyAIR Access Point Series User’s Guide TRAP # TRAP NAME coldStart (defined in RFC-1215) warmStart (defined in RFC-1215) linkUp (defined in RFC-1215) authenticationFailure (defined in RFC-1215) linkDown (defined in RFC-1215) The following table maps the physical port and encapsulation to the interface type. PHYSICAL PORT/ENCAP LAN port(s) Wireless port...
This chapter describes how to configure the system security on the ZyAIR. 17.1 System Security You can configure the system password, an external RADIUS server and 802.1x in this menu. 17.1.1 System Password You should change the default password. If you forget your password you have to restore the default configuration file.
ZyAIR Access Point Series User’s Guide Figure 17-3 Menu 23.2 System Security : RADIUS Server The following table describes the fields in this menu. Table 17-1 Menu 23.2 System Security : RADIUS Server FIELD Authentication Server Press [SPACE BAR] to select Yes and press [ENTER] to enable Active user authentication through an external authentication server.
Table 17-1 Menu 23.2 System Security : RADIUS Server FIELD Port The default port of the RADIUS server for accounting is 1813. You need not change this value unless your network administrator instructs you to do so with additional information. Shared Secret Specify a password (up to 31 alphanumeric characters) as the key to be shared between the external accounting server and the...
ZyAIR Access Point Series User’s Guide Wireless Port Control= Authentication Required ReAuthentication Timer (in second)= 1800 Idle Timeout (in second)= 3600 Authentication Databases= RADIUS Only Dynamic WEP Key Exchange= Disable Figure 17-5 Menu 23.4 System Security : IEEE802.1x The following table describes the fields in this menu. Table 17-2 Menu 23.4 System Security : IEEE802.1x FIELD Wireless Port...
Page 149
Table 17-2 Menu 23.4 System Security : IEEE802.1x FIELD Authentication This field is activated only when you select Authentication Required in the Wireless Port Control field. Databases The authentication database contains wireless station login information. The local user database is the built-in database on the ZyAIR. The RADIUS is an external server. Use this field to decide which database the ZyAIR should use (first) to authenticate a wireless station.
System Information and Diagnosis This chapter covers the information and diagnostic tools in SMT menus 24.1 to 24.4. These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software. This chapter describes how to use these tools in detail. Type 24 in the main menu and press [ENTER] to open Menu 24 following figure.
ZyAIR Access Point Series User’s Guide Port Status 100M/Full WLAN Port Ethernet Address 00:A0:C5:01:23:45 WLAN 00:A0:C5:01:23:45 System up Time: Name: B-3000 ZyNOS F/W Version: V3.50(HC.0)b3 | 06/23/2003 Figure 18-2 Menu 24.1 System Maintenance : Status The following table describes the fields present in this menu. Table 18-1 Menu 24.1 System Maintenance : Status FIELD Port...
Table 18-1 Menu 24.1 System Maintenance : Status FIELD System Up Time This is the time the ZyAIR is up and running from the last reboot. 18.2 System Information To get to the System Information: Step 1. Enter 24 to display Menu 24 – System Maintenance. Step 2.
Refers to the routing protocol used. ZyNOS F/W Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. Version ZyNOS is a registered trademark of ZyXEL Communications Corporation. Country Code Refers to the country code of the firmware. Ethernet Address Refers to the Ethernet MAC (Media Access Control) of your ZyAIR.
18.3 Log and Trace Your ZyAIR provides the error logs and trace records that are stored locally. 18.3.1 Viewing Error Log The first place you should look for clues when something goes wrong is the error log. Follow the procedures to view the local error/trace log: Step 1.
ZyAIR Access Point Series User’s Guide Figure 18-8 Menu 24.4 System Maintenance : Diagnostic Follow the procedure next to get to display this menu: Step 1. From the main menu, type 24 to open Menu 24 – System Maintenance. Step 2. From this menu, type 4.
ZyAIR Access Point Series User’s Guide Chapter 19 Firmware and Configuration File Maintenance This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files using the SMT screens. 19.1 Filename Conventions The configuration file (often called the romfile or rom-0) contains the factory default settings in the menus such as password and TCP/IP Setup, etc.
ZyAIR Access Point Series User’s Guide FILE TYPE INTERNAL NAME Configuration File Rom-0 Firmware 19.2 Backup Configuration Option 5 from Menu 24 – System Maintenance allows you to backup the current ZyAIR configuration to your computer. Backup is highly recommended once your ZyAIR is functioning properly. FTP is the preferred method, although TFTP can also be used.
19.2.2 Using the FTP command from the DOS Prompt Step 1. Launch the FTP client on your computer. Step 2. Enter “open” and the IP address of your ZyAIR. Step 3. Press [ENTER] when prompted for a username. Step 4. Enter “root”...
ZyAIR Access Point Series User’s Guide Table 19-2 General Commands for Third Party FTP Clients COMMAND Initial Remote Specify the default remote directory (path). Directory Initial Local Specify the default local directory (path). Directory 19.2.3 Backup Configuration Using TFTP The ZyAIR supports the up/downloading of the firmware and the configuration file using TFTP (Trivial File Transfer Protocol) over LAN.
where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the ZyAIR IP address, “get” transfers the file source on the ZyAIR (rom-0 name of the configuration file on the ZyAIR) to the file destination on the computer and renames it config.rom. The following table describes some of the fields that you may see in third party TFTP clients.
ZyAIR Access Point Series User’s Guide To transfer the firmware and the configuration file, follow the procedure below: 1. Launch the FTP client on your workstation. 2. Type "open" and the IP address of your router. Then type "root" and SMT password as requested.
19.4.1 Firmware Upload FTP is the preferred method for uploading the firmware and configuration. To use this feature, your computer must have an FTP client. When you telnet into the ZyAIR, you will see the following screens for uploading firmware and the configuration file using FTP.
ZyAIR Access Point Series User’s Guide Menu 24.7.2 - System Maintenance - Upload System Configuration File To upload the system configuration file, follow the procedure below: 1. Launch the FTP client on your workstation. 2. Type "open" and the IP address of your system. Then type "root" and SMT password as requested.
331 Enter PASS command Password: 230 Logged in ftp> bin 200 Type I OK ftp> put firmware.bin ras 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp: 327680 bytes sent in 1.10Seconds 297.89Kbytes/sec. ftp>...
ZyAIR Access Point Series User’s Guide 19.4.5 Example: TFTP Command The following is an example TFTP command: TFTP [-i] host put firmware.bin ras where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the ZyAIR’s IP address, “put”...
? at the command prompt. Type “exit” to return to the SMT main menu when finished. Menu 24 – System Maintenance 10. Time and Date Setting Enter Menu Selection Number: Figure 20-1 Menu 24 System Maintenance Copyright (c) 1994 - 2003 ZyXEL Communications Corp. B-3000> ? Valid commands are: exit config wlan...
ZyAIR Access Point Series User’s Guide 20.2 Time and Date Setting The ZyAIR keeps track of the time and date. There is also a software mechanism to set the time manually or get the current time and date from an external server when you turn on your ZyAIR. Menu 24.10 allows you to update the time and date settings of your ZyAIR.
Table 20-1 Menu 24.10 System Maintenance : Time and Date Setting FIELD Use Time Server Enter the time service protocol that your time server sends when you turn on the when Bootup ZyAIR. Not all time servers support all protocols, so you may have to check with your ISP/network administrator or use trial and error to find a protocol that works.
Appendices Part VI: APPENDICES This part provides troubleshooting and background information about setting up your computer’s IP address, wireless LAN, 802.1x, PPPoE, PPTP and IP subnetting. It also provides information on the antenna, PoE, command interpreter interface, NetBIOS commands and logs.
This appendix covers potential problems and possible remedies. After each problem description, some instructions are provided to help you to diagnose and to solve the problem. Problems Starting Up the ZyAIR Chart A-1 Troubleshooting the Start-Up of Your ZyAIR PROBLEM None of the LEDs Make sure you are using the supplied power adaptor and that it is plugged in to an turn on when I...
ZyAIR Access Point Series User’s Guide Chart A-2 Troubleshooting the Ethernet Interface PROBLEM I cannot ping any If the ETHN LED on the front panel is off, check the Ethernet cable connections computer on the between your ZyAIR and the Ethernet device. LAN.
Problems with the WLAN Interface Chart A-5 Troubleshooting the WLAN Interface PROBLEM Cannot access the Make sure the wireless card is properly inserted in the ZyAIR and the link LED is on. ZyAIR from the Make sure the wireless adapter on the wireless station is working properly. WLAN.
Brute-Force Password Guessing The following describes the commands for enabling, disabling and configuring the brute-force password guessing protection mechanism for the password. See the Command Interpreter appendix for information on the command structure. Chart B-1 Brute-Force Password Guessing Protection Commands COMMAND sys pwderrtm This command displays the brute-force guessing password protection settings.
ZyAIR Access Point Series User’s Guide Appendix C Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer.
Page 180
ZyAIR Access Point Series User’s Guide If you need the adapter: In the Network window, click Add. Select Adapter and then click Add. Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: In the Network window, click Add.
Page 181
Click the IP Address tab. -If your IP address is dynamic, select Obtain an IP address automatically. -If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. Click the DNS Configuration tab.
ZyAIR Access Point Series User’s Guide Click the Gateway tab. -If you do not know your gateway’s IP address, remove previously installed gateways. -If you have a gateway IP address, type it in the New gateway field and click Add. Click OK to save and close the TCP/IP Properties window.
Page 183
For Windows XP, click start, Control Panel. In Windows 2000/NT, click Start, Settings, Control Panel. For Windows XP, click Network Connections. For Windows 2000/NT, click Network and Dial-up Connections. Setting Up Your Computer’s IP Address ZyAIR Access Point Series User’s Guide Right-click Local Area Connection and then click Properties.
Page 184
ZyAIR Access Point Series User’s Guide Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties. The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). -If you have a dynamic IP address click Obtain an IP address automatically.
Page 185
ZyAIR Access Point Series User’s Guide -If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: -In the IP Settings tab, in IP addresses, click Add.
Page 186
ZyAIR Access Point Series User’s Guide In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): -Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). -If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Page 187
Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. Select Ethernet built-in from the Connect via list. For dynamically assigned settings, select Using DHCP Server from the Configure: list. Setting Up Your Computer’s IP Address ZyAIR Access Point Series User’s Guide...
ZyAIR Access Point Series User’s Guide For statically assigned settings, do the following: -From the Configure box, select Manually. -Type your IP address in the IP Address box. -Type your subnet mask in the Subnet mask box. -Type the IP address of your ZyAIR in the Router address box. Close the TCP/IP Control Panel.
Page 189
Click Network in the icon bar. - Select Automatic from the Location list. - Select Built-in Ethernet from the Show list. - Click the TCP/IP tab. For dynamically assigned settings, select Using DHCP from the Configure list. For statically assigned settings, do the following: -From the Configure box, select Manually.
Wireless LAN and IEEE 802.11 A wireless LAN (WLAN) provides a flexible data communications system that you can use to access various services (navigating the Internet, email, printer services, etc.) without the use of a cabled connection. In effect a wireless LAN environment provides you the freedom to stay connected to the network while roaming around in the coverage area.
ZyAIR Access Point Series User’s Guide unlicensed ISM (Industrial, Scientific and Medical) band. The third method is infrared technology, using very high frequencies, just below visible light in the electromagnetic spectrum to carry data. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless nodes or stations (STA), which is called a Basic Service Set (BSS).
Page 193
ZyAIR Access Point Series User’s Guide The Extended Service Set (ESS) shown in the next figure consists of a series of overlapping BSSs (each containing an Access Point) connected together by means of a Distribution System (DS). Although the DS could be any type of network, it is almost invariably an Ethernet LAN.
Wireless LAN With IEEE 802.1x As wireless networks become popular for both portable computing and corporate networks, security is now a priority. Security Flaws with IEEE 802.11 Wireless networks based on the original IEEE 802.11 have a poor reputation for safety. The IEEE 802.11b wireless access standard, first published in 1999, was based on the MAC address.
Page 196
ZyAIR Access Point Series User’s Guide The following figure depicts a typical wireless network with a remote RADIUS server for user authentication using EAPOL (EAP Over LAN). Diagram E-1 Sequences for EAP MD5–Challenge Authentication RADIUS Server Authentication Sequence Client computer access authorized.
ZyAIR Access Point Series User’s Guide Appendix F Types of EAP Authentication This appendix discusses the four popular EAP authentication types: EAP-MD5, EAP-TLS, EAP-TTLS and PEAP. The type of authentication you use depends on the RADIUS server or the AP. Consult your network administrator for more information.
ZyAIR Access Point Series User’s Guide hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5 and EAP- MSCHAPv2, for client authentication. For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption. They are often deployed in corporate environments, but for public deployment, simple user name and password pair is more practical.
Power over Ethernet Specifications You can use a power over Ethernet injector to power this device. The injector must comply to IEEE 802.3af. Chart 1 Power over Ethernet Injector Specifications Power Output Power Current Chart G-2 Power over Ethernet Injector RJ-45 Port Pin Assignments 1 2 3 4 5 6 7 8 Power over Ethernet Specifications ZyAIR Access Point Series User’s Guide...
Antenna Selection and Positioning An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air. The antenna also operates in reverse by capturing RF signals from the air.
ZyAIR Access Point Series User’s Guide environment. With a wide coverage area, it is possible to make circular overlapping coverage areas with multiple access points. • Directional antennas concentrate the RF signal in a beam, like a flashlight. The angle of the beam width determines the direction of the coverage pattern;...
PPPoE in Action An ADSL modem bridges a PPP session over Ethernet (PPP over Ethernet, RFC 2516) from your PC to an ATM PVC (Permanent Virtual Circuit), which connects to a DSL Access Concentrator where the PPP session terminates (see the next figure). One PVC can support any number of PPP sessions from your LAN. PPPoE provides access control and billing functionality in a manner similar to dial-up services using PPP.
ZyAIR Access Point Series User’s Guide How PPPoE Works The PPPoE driver makes the Ethernet appear as a serial link to the PC and the PC runs PPP over it, while the modem bridges the Ethernet frames to the Access Concentrator (AC). Between the AC and an ISP, the AC is acting as a L2TP (Layer 2 Tunneling Protocol) LAC (L2TP Access Concentrator) and tunnels the PPP frames to the ISP.
ZyAIR Access Point Series User’s Guide Appendix J PPTP What is PPTP? PPTP (Point-to-Point Tunneling Protocol) is a Microsoft proprietary protocol (RFC 2637 for PPTP is informational only) to tunnel PPP frames. How can we transport PPP frames from a PC to a broadband modem over Ethernet? A solution is to build PPTP into the ANT (ADSL Network Termination) where PPTP is used only over the short haul between the PC and the modem over Ethernet.
ZyAIR Access Point Series User’s Guide PPTP Protocol Overview PPTP is very similar to L2TP, since L2TP is based on both PPTP and L2F (Cisco’s Layer 2 Forwarding). Conceptually, there are three parties in PPTP, namely the PNS (PPTP Network Server), the PAC (PPTP Access Concentrator) and the PPTP user.
ZyAIR Access Point Series User’s Guide Diagram J-3 Example Message Exchange between PC and an ANT PPP Data Connection The PPP frames are tunneled between the PNS and PAC over GRE (General Routing Encapsulation, RFC 1701, 1702). The individual calls within a tunnel are distinguished using the Call ID field in the GRE header.
IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1.
ZyAIR Access Point Series User’s Guide A class “A” address (24 host bits) can have 2 Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B”...
sequence of ones beginning from the left most bit of the mask, followed by a continuous sequence of zeros, for a total number of 32 bits. Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet.
Page 212
ZyAIR Access Point Series User’s Guide Divide the network 192.168.1.0 into two separate subnets by converting one of the host ID bits of the IP address to a network number bit. The “borrowed” host ID bit can be either “0” or “1” thus giving two subnets;...
to an actual host for the first subnet is 192.168.1.1 and the highest is 192.168.1.126. Similarly the host ID range for the second subnet is 192.168.1.129 to 192.168.1.254. Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets.
ZyAIR Access Point Series User’s Guide Subnet Mask (Binary) Subnet Address: 192.168.1.128 Broadcast Address: 192.168.1.191 IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address: 192.168.1.192 Broadcast Address: 192.168.1.255 Example Eight Subnets Similarly use a 27-bit mask to create 8 subnets (001, 010, 011, 100, 101, 110). The following table shows class C IP address last octet values for each subnet.
The following table is a summary for class “C” subnet planning. NO. “BORROWED” HOST BITS Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID.
Page 216
ZyAIR Access Point Series User’s Guide NO. “BORROWED” HOST BITS Chart K-13 Class B Subnet Planning SUBNET MASK NO. SUBNETS 255.255.255.128 (/25) 255.255.255.192 (/26) 255.255.255.224 (/27) 255.255.255.240 (/28) 255.255.255.248 (/29) 255.255.255.252 (/30) 255.255.255.254 (/31) NO. HOSTS PER SUBNET 1024 2048 4096 8192 16384...
ZyAIR Access Point Series User’s Guide Appendix L Command Interpreter The following describes how to use the command interpreter. Enter 24 in the main menu to bring up the system maintenance menu. Enter 8 to go to Menu 24.8 - Command Interpreter Mode. See the included disk or zyxel.com for more detailed information on these commands.
The following describes the NetBIOS packet filter commands. See the Command Interpreter appendix for information on the command structure. Introduction NetBIOS (Network Basic Input/Output System) are TCP or UDP broadcast packets that enable a computer to connect to and communicate with a LAN. For some dial-up services such as PPPoE or PPTP, NetBIOS packets cause unwanted calls.
ZyAIR Access Point Series User’s Guide NAME WAN to LAN This field displays whether NetBIOS packets are blocked or forwarded from the WAN to the LAN. IPSec This field displays whether NetBIOS packets sent through a VPN Packets connection are blocked or forwarded. Trigger dial This field displays whether NetBIOS packets are allowed to initiate calls.
LOG MESSAGE %s exceeds the max. number of session per host! LOG MESSAGE Time calibration is successful Time calibration failed DHCP client gets %s DHCP client IP expired DHCP server assigns SMT Login Successfully SMT Login Fail WEB Login Successfully WEB Login Fail TELNET Login Successfully...
Page 222
ZyAIR Access Point Series User’s Guide FTP Login Successfully FTP Login Fail NAT Session Table is Full! TYPE CODE Echo Reply Echo reply message Destination Unreachable Net unreachable Host unreachable Protocol unreachable Port unreachable A packet that needed fragmentation was dropped because it was set to Don't Fragment (DF) Source route failed Source Quench...
TYPE CODE Echo Echo message Time Exceeded Time to live exceeded in transit Fragment reassembly time exceeded Parameter Problem Pointer indicates the error Timestamp Timestamp request message Timestamp Reply Timestamp reply message Information Request Information request message Information Reply Information reply message LOG MESSAGE Mon dd hr:mm:ss hostname src="<srcIP:srcPort>"...
ZyAIR Access Point Series User’s Guide Configuring What You Want the ZyAIR to Log Use the sys logs load command to load the log setting buffer that allows you to configure which logs the ZyAIR is to record. Use sys logs category followed by a log category and a parameter to decide what to record Chart N-5 Log Categories and Available Settings LOG CATEGORIES error...
Page 225
ZyAIR Access Point Series User’s Guide message 0|11/11/2002 15:10:12 |172.22.3.80:137 |172.22.255.255:137 |ACCESS BLOCK Log Description...
Power Adaptor Specifications AC Power Adaptor Model Input Power Output Power Power Consumption Safety Standards AC Power Adaptor Model Input Power Output Power Power Consumption Safety Standards AC Power Adaptor Model Input Power Output Power Power Consumption Safety Standards AC Power Adaptor Model Input Power Output Power Power Consumption...
Page 228
ZyAIR Access Point Series User’s Guide AC Power Adaptor Model Input Power Output Power Power Consumption Safety Standards AUSTRALIA AND NEW ZEALAND PLUG STANDARDS AC Power Adaptor Model Input Power Output Power Power Consumption Safety Standards JAPAN PLUG STANDARDS JOD-48-1124 AC100Volts/ 50/60Hz/ 27VA DC12Volts/1.2A 10 W...
Address Assignment...3-5, 8-1 Ad-hoc Configuration... D-2 Alternative Subnet Mask Notation ... K-3 Antenna Directional ... G-2 Omni-directional ... G-1 Types... G-1 Antenna gain ... G-1 Applications ...1-6 auto-negotiation...1-2 backup ...19-2 Backup...10-9 Basic Service Set ... D-2 BSS... See Basic Service Set CA ...F-1 Certificate Authority...
Page 230
ZyAIR Access Point Series User’s Guide Hidden Menus...11-4 Host ...4-3 Host IDs...K-1 IBSS... See Independent Basic Service Set IEEE 802.11 ...D-1 Deployment Issues ... E-1 Security Flaws... E-1 IEEE 802.1x ...E-1, 1-5 Advantages... E-1 Independent Basic Service Set... D-2, 5-1, 10-6 Infrastructure Configuration ...D-3 Internet access...13-1 Internet Access ...1-7...
Page 231
Trap...16-2 Traps ...16-3, 16-4 Trusted Host...16-3 Subnet Mask... 3-6, 8-1, 13-2, 18-4 Subnet Masks ... K-2 Subnetting ... K-3 Supporting Disk... xvii System Console Port Speed Diagnostic Log and Trace System Information...18-3 System Status...18-1 Time and Date...20-2 System Information ...18-3 System Information &...
Need help?
Do you have a question about the ZyXEL ZyAIR B-1000 and is the answer not in the manual?
Questions and answers