3Com 3CRGPC10075 User Manual
  1. Manuals
  2. Brands
  3. 3Com Manuals
  4. Wireless Access Point
  5. 3CRGPC10075
  6. User manual

3Com 3CRGPC10075 User Manual

Wireless 108 mbps 11g poe access point
Hide thumbs Also See for 3CRGPC10075:
Table of Contents

Advertisement

Quick Links

OfficeConnect
Wireless 108 Mbps 11g PoE Access Point

User Guide

3CRGPOE10075
(WL-529)
http://www.3com.com/
Part No. DUAPOE10075BAA01
Published December 2004
®

Advertisement

Table of Contents
loading

Related Manuals for 3Com 3CRGPC10075

Summary of Contents for 3Com 3CRGPC10075

  • Page 1: User Guide

    OfficeConnect Wireless 108 Mbps 11g PoE Access Point User Guide 3CRGPOE10075 (WL-529) http://www.3com.com/ Part No. DUAPOE10075BAA01 Published December 2004 ®...
  • Page 2 3Com Corporation reserves the right to revise this documentation and to make changes in content from time 01752-3064 to time without obligation on the part of 3Com Corporation to provide notification of such revision or change. 3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose.

  • Page 3: Table Of Contents

    ONTENTS BOUT UIDE Conventions Related Documentation Documentation Comments NTRODUCING THE Overview Features and Capabilities Wireless and Networking Security Configuration and Management Package Contents Physical Features Front Panel Back Panel Overview of Setup and Management Tasks NSTALLING AND ONNECTING THE Before You Begin Installation Requirements Wireless Station Requirements Security Information...
  • Page 4 ONFIGURING THE Navigating the Web Interface Menu and Tabs Buttons Timeout Setting Defining Security Profiles Configuring and Enabling a Profile Setting the Primary Profile Isolating Wireless Clients with Different Profiles Controlling Access to the Wireless Network Defining the List of Trusted Stations Enabling Access Control Based on MAC Address Backing Up the Access Control List Configuring System Settings...
  • Page 5 Viewing the Device Status Viewing Profiles Viewing Associated Wireless Stations Working with Logs Viewing Device Statistics Working with the Configuration File Backing Up the Configuration File Restoring Settings from a Backup Restoring Settings to Factory Defaults Sending Device Logs to a Syslog Server Configuring the SNMP Agent Upgrading the Firmware Automating Updates and Configuration...
  • Page 6 LAN B IRELESS ASICS Wireless Modes Ad Hoc Mode Infrastructure Mode SSID/ESSID BSS/SSID ESS/ESSID Wireless Channels Security Settings WPA-PSK WPA-802.1x 802.1x ONFIGURING THE Overview of TCP/IP Configuring TCP/IP on Windows XP Configuring TCP/IP on Windows 2000 Configuring TCP/IP on Windows Me/98/95 Configuring TCP/IP on Windows NT 4.0 BTAINING UPPORT FOR...
  • Page 7 LOSSARY NDEX EGULATORY OTICES...

  • Page 9: About This Guide

    Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the 3Com World Wide Web site: http://www.3com.com/...
  • Page 10 BOUT UIDE Table 1 Notice Icons Icon Table 2 Text Conventions Convention Screen displays This typeface represents information as it appears on the Syntax Commands The words “enter” and “type” Keyboard key names If you must press two or more keys simultaneously, the key Words in italics Notice Type Description...

  • Page 11: Related Documentation

    ■ ■ Please note that we can only respond to comments and questions about 3Com product documentation at this e-mail address. Questions related to technical support or sales should be directed in the first instance to your network supplier. Quick Start Guide This guide provides information to help you easily set up the Access Point in a network environment.
  • Page 12 BOUT UIDE...

  • Page 13: Introducing The Office Connect Wireless Access Point

    Access Point kit and helps you get to know the physical features of the device. Overview 3Com wireless systems let you simply and confidently extend network information and applications to difficult-to-wire locations and to your mobile workforce, making your business more productive, competitive and successful.

  • Page 14: Features And Capabilities

    Table 1 Wireless and Networking Features FFICE ONNECT IRELESS CCESS Wired Local Area Network 3Com Wireless Access Point lists the wireless and networking features that the Access Point Feature Description Standards compliance Complies with the IEEE802.11g (DSSS) specifications for wireless local area networks 802.11g-802.11b...
  • Page 15 You can source power from an 802.3af-compliant power sourcing equipment (PSE) or use the supplied power adapter to power the Access Point. You can use the following 3Com PoE products to supply power to OfficeConnect Wireless 108 Mbps 11g PoE Access Point: Baseline Switch 2226-PWR Plus 3C16490 ■...
  • Page 16 1: I HAPTER NTRODUCING THE WDS Support Wireless Distribution System (WDS) allows you to build a completely wireless infrastructure using access points, instead of wires, to interconnect multiple networks. WDS also helps you create large wireless networks by linking several wireless access points with WDS links. WDS is normally used in large, open areas where pulling wires is cost prohibitive, restricted, or physically impossible.
  • Page 17 Features and Capabilities Figure 2 Point-to-Point WDS Wired Wired Network B Network A WDS Link PTMP mode, as shown in Figure 3, interconnects three or more wired networks using multiple access points that function as wireless bridges. In a PTMP configuration, one access point is configured as the master AP and set to PTMP mode.
  • Page 18 1: I HAPTER NTRODUCING THE Figure 3 Point-to-Multipoint WDS Secure WDS Communication The Access Point secures WDS links using either WEP or WPA-PSK encryption. If you use WEP, all APs in the system must use the same WEP key. If you use WPA-PSK, you must create the same security profile (with the same SSID) on both master and slaves, and configure both master and slaves to use WPA-PSK.
  • Page 19 Features and Capabilities Figure 4 Repeater WDS Wired Network WDS Link As a client, the Access Point functions like a wireless card that is connected to a computer to provide a wireless interface. When operating in client mode, the Access Point can only communicate with a wireless router or an access point.

  • Page 20: Security

    1: I HAPTER NTRODUCING THE Figure 5 Client Mode Security Table 2 Table 2 Security Features Feature 64-/128-/152-bit WEP and WPA 128-bit AES and TKIP encryption 802.1x RADIUS server authentication Security profiles and multiple SSIDs Multiple SSIDs Multiple SSID isolation Access control list FFICE ONNECT...
  • Page 21 Table 2 Security Features Feature Description VLAN support Supports the 802.1Q VLAN standard, allowing traffic from different sources to be segmented. When combined with the multiple SSID feature, serves as a powerful tool for controlling access to the wireless network. See Support”.
  • Page 22 NTRODUCING THE FFICE ONNECT IRELESS CCESS OINT Figure 6 Wireless Stations Using Different Security Settings 3Com Wireless 11g PoE Access Point SSID 1 SSID 2 Using WPA Using WEP VLAN Support A virtual LAN (VLAN) is a network of computers that behave as if they are on the same local network, even if they are physically located on different segments of the network.

  • Page 23: Configuration And Management

    Management Point provides. Table 3 Configuration and Management Features Feature Web-based administration VLAN1 3Com Wireless Access Point Wireless to SSID1 lists the configuration and management features that the Access Description Works with any Web browser that supports HTML and Java...

  • Page 24: Package Contents

    One power adapter OfficeConnect Wireless 108 Mbps 11g PoE Access Point Quick Start Guide One CD-ROM, which contains the setup files for the 3Com Access Point Manager and a PDF version of the OfficeConnect 108 Mbps 11g Wireless Access Point User Guide...

  • Page 25: Physical Features

    Physical Features Before setting up the Access Point, 3Com recommends that you first familiarize yourself with the physical features of the device. Front Panel The front panel of the Access Point includes LEDs that indicate the status of the device. For information on what these LEDs indicate, refer to the table below.

  • Page 26: Overview Of Setup And Management Tasks

    1: I HAPTER NTRODUCING THE Table 5 Back Panel Ports and Connections Overview of Setup The following are tasks that you need to perform to get the Access Point and Management up and running, and to enable wireless stations on the network to Tasks associate with it.

  • Page 27: Installing And Connecting The Access Point

    This chapter provides information on installing the Access Point and connecting it to the local network. It also lists the system requirements for wireless stations that will associate with the Access Point. Before You Begin Before starting with the installation, make sure that you have the required items for the installation ready.

  • Page 28: Security Information

    Water or moisture cannot enter the case of the unit. Air flow around the unit and through the vents in the side of the case is not restricted. 3Com recommends you provide a minimum of 25 mm (1 in.) clearance.

  • Page 29: Powering On And Connecting The Access Point

    Figure 8 Powering the Access Point Using the Supplied Power Adapter Using Power over If you have a PoE switch, such as the 3Com Baseline Switch 2226-PWR Ethernet Plus 3C16490, you can plug the Ethernet cable from the Access Point directly to a PoE port on the switch to supply power.

  • Page 30: Verifying The Installation

    2: I HAPTER NSTALLING AND If you have an 802.3af-compliant power sourcing equipment (PSE), do the following: 1 Connect one end of a standard Ethernet cable to the Ethernet port on the back panel of the Access Point. And then, connect the other end to the P+DATA port on the PSE.

  • Page 31: With A Dhcp Server

    Before continuing, check the sticker on the base of the Access Point, and take note of the Access Point name (for example, SCB8CF22). You may need this information to select the right Access Point, if the 3Com Access Point Manager detects other access points on the network.
  • Page 32 2: I HAPTER NSTALLING AND Figure 10 3Com Access Point Manager 4 Click the access point name that corresponds to the name on the base of the Access Point. 5 Click Web Management to start the Web interface. If the Web Management button is unavailable, it means that the Access Point and the admin computer are on different subnets.
  • Page 33 Gateway ■ ■ 3 Click OK, and then click Refresh. The 3Com Access Point Manager screen refreshes, and then the Web Management button becomes available. 4 Click Web Management to start the Web interface. The interface loads in your Web browser and an authentication dialog box appears.

  • Page 34: Without A Dhcp Server

    2: I HAPTER NSTALLING AND 6 Click OK. Without a DHCP If you do not have a DHCP server on the network, you need to Server reconfigure the TCP/IP settings of the admin computer to be able to connect to the Access Point’s Web interface. 1 Open the Properties dialog box of the network interface card that the computer is using to connect to the wired local network.

  • Page 35: Configuring The Access Point

    This chapter provides information on configuring the Access Point to enable wireless stations to successfully associate with it. Navigating the Web The Web interface has been designed to enable you to easily perform Interface configuration tasks and view information about the Access Point. Figure 12 Access Point Web Interface Menu and Tabs The menu is on the left side of the Web interface.

  • Page 36: Buttons

    3: C HAPTER ONFIGURING THE interface. If there are more options for the menu selection, then tabs containing these additional options appear above the main part. Buttons ■ ■ ■ ■ ■ ■ Timeout Setting The Web interface has a timeout mechanism that automatically logs you off if it does not detect any activity within five minutes.

  • Page 37: Configuring And Enabling A Profile

    WPA-802.1x – Similar to WPA, but requires a RADIUS server on the ■ network to perform client authentication based on the 802.1x standard. If your network supports both encryption and authentication methods, 3Com recommends using this method. Defining Security Profiles...
  • Page 38 3: C HAPTER ONFIGURING THE ■ For more information on configuring each encryption method, refer to “Configuring Encryption and Authentication” 6 If you have a RADIUS server on the network and you want to centralize client authentication on the RADIUS server, configure the settings for RADIUS-based MAC address authentication.
  • Page 39 Configuring Encryption and Authentication This section lists the configuration options for each available encryption and authentication method. WEP Options If you selected WEP, you need to configure the settings listed in Figure 14 Security Options for WEP Table 6 Options for WEP Option Description Data Encryption...
  • Page 40 3: C HAPTER ONFIGURING THE Table 6 Options for WEP Option Passphrase WPA-PSK Options If you selected WPA-PSK, you need to configure the settings listed in Table Figure 15 Security Options for WPA-PSK Table 7 Options for WPA-PSK Option Network Key CCESS OINT Description...
  • Page 41 Table 7 Options for WPA-PSK Option Description WPA Encryption Select your preferred WPA encryption level, and ensure that wireless stations have the same setting and key value. TKIP – Unicast (point-to-point) transmissions and ■ multicast (broadcast) transmissions are encrypted using TKIP TKIP + 64 bit WEP –...
  • Page 42 3: C HAPTER ONFIGURING THE WPA-802.1x Options If you selected WPA-802.1x, you need to configure the settings listed in Table Figure 16 Security Options for WPA-802.1x Table 8 Options for WPA-802.1x Option RADIUS Server Address RADIUS Port Client Login Name Shared Key CCESS OINT...
  • Page 43 Table 8 Options for WPA-802.1x Option Description WPA Encryption Select the preferred WPA encryption level, and ensure that wireless stations have the same setting and key value. TKIP – Unicast (point-to-point) transmissions and ■ multicast (broadcast) transmissions are encrypted using TKIP TKIP + 64 bit WEP –...
  • Page 44 3: C HAPTER ONFIGURING THE CCESS OINT 802.1x Options If you selected 802.1x, you need to configure the settings listed in Table Figure 17 Security Options for 802.1x...
  • Page 45 Table 9 Options for 802.1x Option Description RADIUS Server Type the host name or IP address of the RADIUS server on Address the network RADIUS Port Type the port number used for connections to the RADIUS server. Client Login Name This read-only field displays the name used for the client login on the RADIUS server.
  • Page 46 3: C HAPTER ONFIGURING THE Configuring RADIUS MAC Authentication If you have a RADIUS server set up on the network, you can use it to centralize the authentication of wireless stations based on their MAC addresses. Authenticated stations will be allowed to associate with the Access Point.
  • Page 47 is the station’s MAC address) is added to the Access xx:xx:xx:xx:xx:xx Point log. The wireless station’s status also appears as the list of associated stations. If the wireless station’s MAC address is not on the RADIUS database, the entry xx:xx:xx:xx:xx:xx MAC authentication failed log, and the station’s status appears as associated stations.
  • Page 48 3: C HAPTER ONFIGURING THE Table 10 Options for RADIUS-based MAC Authentication Option Client Login Name Shared Key WEP Key WEP Key Index Configuring UAM Universal Access Method (UAM) is a client authentication method that is typically used in Internet cafes, hot spots, and similar sites that provide Internet access.
  • Page 49 authentication. You can customize the welcome screen, or even link it to your organization’s Web site. Figure 19 UAM Screen Internal UAM Authentication To use internal UAM authentication, do following: 1 Ensure that the Access Point can log on to the RADIUS server as a RADIUS client.
  • Page 50 3: C HAPTER ONFIGURING THE c In RADIUS Server Address, type the IP address or host name of the d In RADIUS Port, type the port number on the RADIUS server that is e In Shared Key, type the same key value as the one you set on the f Click Save, and then click Close.
  • Page 51 3 On your Web server, create a welcome page that has a button or link to page on the Access Point. Users will enter their user uamlogon.htm name and password on the 4 Verify that the wireless security settings on the wireless stations match the security settings on the Access Point, including the key (if any).

  • Page 52: Setting The Primary Profile

    3: C HAPTER ONFIGURING THE If the logon credentials are invalid, the user will not be able to access any other Web page, except for the logon page. An entry xx:xx:xx:xx:xx:xx WEB authentication failed and the station’s status appears as associated stations.

  • Page 53: Controlling Access To The Wireless Network

    For an overview of the VLAN support provided by the Access Point, refer Figure 21 VLAN Screen Controlling Access By default, the Access Point’s security settings are disabled to allow you to the Wireless to easily connect and configure it after the initial setup. Anyone that can Network detect the SSID that is broadcast on the wireless network can therefore connect to it.

  • Page 54: Defining The List Of Trusted Stations

    3: C HAPTER ONFIGURING THE determine the MAC address of a wireless station on a Windows computer: 1 On the Start menu, click Run. 2 In the Open field, type 3 Type 4 Note the value for Physical Address under the wireless NIC properties. The MAC address is also called “physical address”.
  • Page 55 Figure 22 Manually Adding a Trusted Station to the List Repeat steps 3 to 5 for each wireless station that you want to add to the access control list. To delete a MAC address from the list, click the MAC address under Trusted Wireless Stations, and then click the >>...

  • Page 56: Enabling Access Control Based On Mac Address

    3: C HAPTER ONFIGURING THE 4 Click Browse, and then browse to the location of the text-based access control list. Figure 23 Uploading the Text File That Lists the Trusted MAC Addresses 5 Click the text file, and then click OK. 6 Click Upload File.

  • Page 57: Backing Up The Access Control List

    To ensure that you can easily restore the access control list if it Access Control List accidentally erased, 3Com recommends that you back it up periodically. To back up the access control list: 1 On the Access Control tab, click Write to File. The File Download dialog box appears.
  • Page 58 3: C HAPTER ONFIGURING THE Figure 25 System Screen To configure the system settings: 1 On the menu, click System. 2 Configure the identity of the Access Point on the network. You can edit the following settings: ■ ■ ■ Use of certain wireless channels is restricted in some countries.
  • Page 59 If you have a DHCP server on the network and you want the Access ■ Point to automatically obtain its IP address from the DHCP server, click DHCP Client. If you do not have a DHCP server on the network, click Fixed IP ■...

  • Page 60: Configuring The Wireless Settings

    3: C HAPTER ONFIGURING THE Configuring the The Access Point can function either as a standard wireless access point Wireless Settings or a wireless client/repeater. Basic Wireless Basic wireless settings include the settings for the different modes Settings supported by the Access Point and wireless channel selection. Figure 26 Basic Wireless Settings Screen To configure basic wireless settings: 1 On the menu, click Wireless.
  • Page 61 Table 11 Wireless Mode Options Mode Option Description 802.11b Allows connections from 802.11b wireless stations only. 802.11g wireless stations may still be able to connect if they are fully backward-compatible with the 802.11b standard. 802.11g Allows connections from 802.11g wireless stations only. If you only have an 802.11g network, select this option (instead of the default) for optimal wireless performance.
  • Page 62 3: C HAPTER ONFIGURING THE do this to improve wireless security, especially if you have not defined a list of trusted wireless stations. 5 In Bridge Mode, select the appropriate mode. The following options are available: ■ ■ ■ 6 In Channel, select the wireless channel that you want the Access Point to use.
  • Page 63 Configuring the Wireless Settings Configuring PTMP Bridge Settings Figure 27 PTMP Mode With the Access Point Set as Master Wired Network B Slave, Set to Wired PTP Mode Network A WDS Link Wired Network C Master, Set to PTMP Mode WDS Link Slave, Set to...
  • Page 64 3: C HAPTER ONFIGURING THE Figure 28 PTMP AP List Screen For increased security, you can restrict the access points that can bridge with the OfficeConnect Wireless Access Point. To do this: 1 Under the Bridge Mode section of the Basic tab, select the In PTMP mode, only allow specified APs check box.

  • Page 65: Advanced Wireless Settings

    Advanced Wireless Advanced wireless settings include basic rate options, wireless separation, Settings disassociation timeout, and beacon interval. Figure 29 Advanced Wireless Settings Screen Basic Rate The basic rate is used for broadcasting. It does not determine the data transmission rate, which is determined by the “Mode” setting on the Basic screen.
  • Page 66 3: C HAPTER ONFIGURING THE Options ■ ■ Parameters ■ ■ ■ ■ ■ ■ 802.11b ■ ■ ■ ■ CCESS OINT Wireless Separation – If selected, wireless stations that are associated with the Access Point are invisible to other wireless stations. In most business situations, this check box should be cleared.

  • Page 67: Configuring The Wireless Stations

    This chapter describes how to configure the wireless stations with the appropriate security settings to ensure successful association with the Access Point. It also provides information on how to configure other devices, such as the RADIUS server, that may be required to support the wireless security settings.

  • Page 68: Using Wep

    Wireless station must be set to infrastructure mode (not ad hoc mode) SSID (ESSID) This SSID must match an SSID that is specified on the Access Point. The default SSID is 3Com. NOTE: The SSID is case-sensitive. Setting Description Mode...

  • Page 69: Using Wpa-Psk

    SSID (ESSID) The SSID must match an SSID that is specified on the Access Point. The default SSID is 3Com. NOTE: The SSID is case-sensitive. Wireless Security Wireless security on the station must be set to WPA-PSK.

  • Page 70: Configuring The Wireless Stations

    SSID (ESSID) The SSID must match an SSID that is specified on the Access Point. The default SSID is 3Com. NOTE: The SSID is case-sensitive. 802.1x The wireless station must obtain a certificate, which it will to Authentication authenticate itself with the RADIUS server.

  • Page 71: Setting Up Microsoft Ias As Radius Server

    ■ Setting Up Microsoft This section describes using Microsoft Internet Authentication Server as IAS as RADIUS Server the RADIUS Server, since it is the most common RADIUS server available that supports the EAP-TLS authentication method. The following services on the Windows 2000 Domain Controller (PDC) are also required: ■...
  • Page 72 4: C HAPTER ONFIGURING THE Installing the Required Services 1 From the Start menu, click Control Panel. 2 Double-click Add/Remove Programs. 3 Click Add/Remove Windows Components. 4 Verify that the following components are selected: ■ ■ ■ Figure 30 Windows Component Wizard 5 Click Next.
  • Page 73 7 Type the required the information for the Certificate Authority, and then click Next. Figure 31 CA Identifying Information Screen 8 Click Next to use the CA’s default configuration. Windows setup displays a warning message that IIS is running and must be stopped before continuing.
  • Page 74 4: C HAPTER ONFIGURING THE Figure 32 DHCP Dialog Box 3 When the New Scope wizard starts, click Next. 4 Type a name and description for the scope, and then click Next. 5 Define the IP address range. Change the subnet mask if necessary. Click Next when done.
  • Page 75 Figure 33 IP Address Range Screen 6 Add exclusions in the address fields if required. If no exclusions are required, leave it blank. Click Next. 7 Change the Lease Duration time, if necessary, and then click Next. 8 Select Yes, I want to configure these options now, and click Next. 9 Type the router address for the current subnet.
  • Page 76 4: C HAPTER ONFIGURING THE Setting Up the Certificate Authority Server 1 From the Start menu, point to Programs > Administrative Tools, and then click Certification Authority. 2 On the Certification Authority screen, right-click Policy Settings, point to New, and then click Certificate to Issue. Figure 34 Certification Authority Screen 3 Hold down the Ctrl key, and then on the Select Certificate Template screen, click Authenticated Session and Smartcard Logon.
  • Page 77 Figure 35 Group Policy Tab 8 Under the Default Domain Policy tree, click Computer Configuration > Windows Settings > Security Settings > Public Key Policies. 9 Under Public Key Policies, right-click Automatic Certificate Request Settings, point to New, and then click Automatic Certificate Request. The Automatic Certificate Request Setup Wizard appears.
  • Page 78 4: C HAPTER ONFIGURING THE Figure 36 Automatic Certificate Request Setup Wizard 12 Verify that your certificate authority is selected, and then click Next. 13 Review the policy change information, and then click Finish. 14 From the Start menu, click Run, and then enter appears.
  • Page 79 6 Right-click Remote Access Policies, and then click New Remote Access Policy. 7 Assuming that you are using EAP-TLS, name the policy click Next. The Select Attribute screen appears. 8 Click Add. If you do not want to set any restrictions, click Day-And-Time-Restrictions, and then click Add.

  • Page 80: Setting Up Windows Xp For 802.1X

    4: C HAPTER ONFIGURING THE 14 To display the help file for EAP, click Yes. 15 Click Finish. Configuring Remote Access Logon for Users 1 From the Start menu, point to Programs > Administrative Tools, and then click Active Directory Users and Computers. 2 Double-click the user name that you want to grant remote access.
  • Page 81 ask users to install the Windows 2000 Service Pack 3 to gain the same functionality. If your wireless stations are running neither Windows XP nor Windows 2000, they need to use the 802.1x client software provided with the wireless adapters. For information on how to set up and configure the 802.1x client software for these adapters, refer to the documentation for the wireless adapters.
  • Page 82 4: C HAPTER ONFIGURING THE Figure 39 Welcome Screen of Microsoft Certificate Services 6 Click User certificate request, select User Certificate, and then click Next. 7 Click Submit. A message appears, and then the Certificate Issued screen appears. 8 Click Install this certificate. A confirmation message appears. 9 Click Yes.
  • Page 83 Figure 40 Wireless Network Connection Properties Screen 3 Click the Authentication tab. 4 Verify that the Enable network access control using IEEE 802.1X check box is selected. 5 In EAP type, verify that Smart Card or other Certificate is selected. Configuring the Encryption Settings By default, Windows XP automatically detects available wireless networks and allows you to configure each network independently.
  • Page 84 4: C HAPTER ONFIGURING THE Enabling Encryption To enable encryption for a wireless network: 1 Click the Wireless Networks tab. Figure 41 Wireless Networks Tab 2 From the list of available networks, click the SSID for the Access Point, and then click Configure. 3 On the Wireless Network Properties screen, specify the SSID for the Access Point, and then configure the wireless network key settings.

  • Page 85: Using 802.1X Without Wpa

    Figure 42 Wireless Network Properties Screen 4 Click OK. Windows XP configuration for 802.1x is now complete. Using 802.1x The procedure for setting up 802.1x without WPA is almost the same as Without WPA for WPA-802.1x. The only difference is that on the wireless station, the The key is provided for me automatically check box (see not be selected.
  • Page 86 4: C HAPTER ONFIGURING THE IRELESS TATIONS...

  • Page 87: Performing Dditional Dministrative Asks

    This chapter provides information on other tasks that you can perform after setting up and configuring the Access Point and wireless stations. Configuring To prevent unauthorized users from gaining access to the Web interface, Administrator 3Com recommends that you: Access ■ ■ ERFORMING...

  • Page 88: Changing The Default Logon Account

    Changing the Default To prevent unauthorized users from accessing the Web interface and Logon Account modifying your settings, 3Com recommends that you change the default logon account. 1 On the menu, click Management. 2 On the Admin Login tab under Login, edit the logon settings.

  • Page 89: Viewing Information About The Device

    ■ ■ ■ To ensure that you can always connect to the Web interface, you must keep at least one of these admin connection types enabled. ■ 3 Click Save. Viewing There are three types of status information that you can view on the Information About Access Point: the Device...

  • Page 90: Viewing Profiles

    5: P HAPTER ERFORMING DDITIONAL Table 16 Access Point Information Field Domain Firmware Version Table 17 TCP/IP Settings Field IP Address Subnet Mask Gateway DHCP Client Table 18 Wireless Settings Field Channel/Frequency Wireless Mode AP Mode Bridge Mode Viewing Profiles To view a summary of the all current profiles (both enabled and disabled): 1 On the menu, click Status.

  • Page 91: Viewing Associated Wireless Stations

    The maximum log file size that the Access Point can store is 30 KB. If the accumulated log records reach this file size, the Access Point automatically clears all log records. Viewing Logs 3Com recommends checking the logs periodically to determine if the device is working properly. Viewing Information About the Device...
  • Page 92 5: P HAPTER ERFORMING DDITIONAL To view the Access Point logs: 1 On the menu, click Status. 2 Click the Logs tab. Log information appears on the Logs screen, displaying: ■ ■ The date and time displayed in the Access Point logs are queried from a public Network Time Protocol (NTP) time server on the Internet.

  • Page 93: Viewing Device Statistics

    If you have a syslog server on the network, you can automate this process by configuring the Access Point to forward its log entries to the syslog server. For information, refer to page To save the logs to a file: 1 On the Log screen, click Save to File.

  • Page 94: Working With The Configuration File

    Access Point settings are saved to a configuration file that is stored on the Configuration File device. To ensure that you can easily restore your settings if the configuration file becomes corrupt for any reason, 3Com recommends backing up the configuration file. DDITIONAL...

  • Page 95: Backing Up The Configuration File

    Use the Config File screen under Management to back up the configuration file and to restore your settings from a configuration backup. Figure 47 Config File Screen Backing Up the To back up the configuration file: Configuration File 1 On the menu, click Management. 2 Click the Config File tab.

  • Page 96: Restoring Settings From A Backup

    IP address from it. The new IP address will most likely be different from the old one. Use the 3Com Access Point Manager to determine the new IP address. Sending Device...

  • Page 97: Configuring The Snmp Agent

    To disable sending of the device logs to a syslog server, click Disable. Figure 48 Sending Device Logs to a Syslog Server 4 In Minimum Severity Level, specify the type of log information that will be sent to the syslog server. Available options include: ■...
  • Page 98 5: P HAPTER ERFORMING DDITIONAL Figure 49 SNMP Screen To configure the SNMP agent that is built into the Access Point: 1 On the menu, click Management. 2 Click the SNMP tab. 3 Select the Enable SNMP check box. 4 In Community, type the name SNMP community name (normally, either Private or Public).

  • Page 99: Upgrading The Firmware

    The upgrade function allows you to install on the Access Point any new Firmware firmware releases that 3Com may make available. To install the new firmware, you first need to download the firmware from the 3Com support Web site to the admin computer.

  • Page 100: Automating Updates And Configuration

    5: P HAPTER ERFORMING The upgrade process can take up to two minutes, and is complete when the Status LED has stopped flashing and is permanently off. Make sure that you do not interrupt power to the Access Point during the upgrade process;...

  • Page 101: Automating Updates

    To automate configuration: 1 On the menu, click Advanced. 2 Click the Auto Config/Update tab. 3 Under Auto Config, select the Perform Auto Configuration on this AP next restart check box. 4 To allow other access points (that are also set to auto config) to copy the Access Point’s configuration, select the Respond to Auto-configuration request by other AP check box.

  • Page 102: Detecting Rogue Access Points

    5: P HAPTER ERFORMING ■ ■ 5 In FTP Server address, type the domain name or IP address of the FTP server on which you will store firmware updates. 6 In Firmware pathname, type the full path (including the file name) to the firmware file on the FTP server.
  • Page 103 Figure 52 Rogue AP Detection Screen To enable detection of rogue access points: 1 On the menu, click Advanced. 2 Click the Rogue AP Detection tab. 3 Select the Enable Rogue AP Detection check box. 4 In Scan every..., set the interval (in minutes) at which the Access Point will automatically search for rogue access points.

  • Page 104: Viewing Detected Rogue Access Points

    5: P HAPTER ERFORMING DDITIONAL Viewing Detected On the Advanced screen, click Rogue AP List. The screen displays Rogue Access Points information about unauthorized access points on the network, including why it was detected as rogue. Table 20 Rogue Access Point List The following information is available in the Rogue Access Point List screen: ■...

  • Page 105: Troubleshooting

    This chapter lists some issues that you may encounter while installing, configuring, and using the Access Point, and provides information on how to resolve them. Basic Connection ■ Checks ■ ■ Cannot Connect to Check the following: the Wireless Access ■...

  • Page 106: Forgotten Password And Reset To Factory Defaults

    6: T HAPTER ROUBLESHOOTING Forgotten If you can browse to the Access Point configuration screen but cannot log Password and Reset on because you have forgotten the password, follow the steps below to to Factory Defaults reset the Access Point to its factory default configuration. All your configuration changes will be lost, and you will need to run the configuration wizard again before you can re-establish your wireless network.

  • Page 107: Technical Specifications

    This appendix lists the technical specifications for the OfficeConnect Wireless 108 Mbps 11g PoE Access Point. Hardware Specifications Table 21 Hardware Specifications ECHNICAL PECIFICATIONS Component Description AR2312 Radio-on-chip AR2112 DRAM 8 MB Flash ROM 2 MB Ethernet port 1 x Auto-MDIX RJ-45 for 10/100Mbps Ethernet Wireless interface Embedded Atheros solution ■...

  • Page 108: Wireless Specifications

    A: T PPENDIX ECHNICAL Wireless Specifications Table 22 Wireless Specifications PECIFICATIONS Specification Description Receive sensitivity at min. -85dBm 11 Mbps Receive sensitivity at min. -89dBm 5.5 Mbps Receive sensitivity at 2 min. -90dBm Mbps Receive sensitivity at 1 min. -93dBm Mbps Maximum receive level min.
  • Page 109 Table 22 Wireless Specifications Specification Description Operating range 802.11b Indoors 30 meters (100 ft) @ 11 Mbps ■ 50 meters (165 ft) @ 5.5 Mbps ■ 70 meters (230 ft) @ 2 Mbps ■ 9 1 meters (300 ft) @ 1 Mbps ■...

  • Page 110: Software Specifications

    A: T PPENDIX ECHNICAL Software Specifications Table 23 Software Specifications PECIFICATIONS Specification Description Wireless Access point support ■ Roaming supported ■ IEEE 802.11g/11b compliance ■ Super G (up to 108Mbps) ■ Auto-sensing open system/shared key authentication ■ Wireless channels support ■...
  • Page 111 Table 23 Software Specifications Specification Description Management Web-based configuration ■ RADIUS accounting ■ RADIUS-on feature ■ RADIUS accounting update ■ ■ Message log ■ Access control list file support ■ Configuration file backup and restore ■ Statistics support ■ Device discovery program ■...
  • Page 112 A: T PPENDIX ECHNICAL PECIFICATIONS...

  • Page 113: Connecting To The Cli Via Telnet

    This appendix describes how to use Telnet and the serial port (RS232) to access the command line interface (CLI) for configuration. It also provides a complete list of all commands that can be executed at the CLI. You can use the CLI to create scripts that automate basic configuration changes. Use the CLI to configure the Access Point only if you are an advanced user with previous experience in using the command interface.

  • Page 114: Connecting To The Cli Via The Serial Port

    B: C PPENDIX OMMAND Connecting to the To connect to the CLI via the serial port: CLI via the Serial Port 1 Using a standard serial port cable, connect your computer to the serial (RS232) port on the Access Point. 2 Start your communications program.

  • Page 115: Cable Pinouts For Serial Connectors

    Figure 53 COM Port Properties Screen 4 Click Apply, and then click OK. 5 Click Connect to start the connection. A prompt for the user name and password appears. 6 Enter your logon name and password. These are the same as the user name and password that you use for the Web interface.

  • Page 116: Command Reference

    B: C PPENDIX OMMAND Figure 54 Pinouts for 9-pin to RS-232 25-pin Figure 55 Pinouts for 9-pin to 9-pin Command Table 24 Reference the CLI. Table 24 Console Commands EFERENCE Access Point Cable Connector: 9-Pin Female Screen Shell Ground Access Point Cable Connector: 9-Pin Female Screen...
  • Page 117 Table 24 Console Commands Command config profile del acl del key find bss find channel find all format bootrom get 11gonly get 11goptimize get 11goverlapbss get acl get aging get antenna get association get authentication get autochannelselect get basic11b get basic11g get beaconinterval get burstSeqThreshold get burstTime...
  • Page 118 B: C PPENDIX OMMAND Table 24 Console Commands Command get config get countrycode get ctsmode get ctsrate get ctstype get domainsuffix get dtim get enableANI get encryption get extendedchanmode get firStepLvl get fragmentthreshold get frequency get gateway get gbeaconrate get gdraft5 get groupkeyupdate get hardware get hostipaddr...
  • Page 119 Table 24 Console Commands Command get overRidetxpower get operationMode get power get quietAckCtsAllow get quietDuration get quietOffset get radiusname get radiusport get rate get remoteAp get hwtxretries get swtxretries get rtsthreshold get shortpreamble get shortslottime get sntpserver get softwareretry get spurImmunityLvl get ssid get ssidsuppress get station...
  • Page 120 B: C PPENDIX OMMAND Table 24 Console Commands Command get wirelessmode get 80211d get http get HttpPort get https get HttpsPort get syslog get syslogSeverity get syslogServer get manageOnlyLan get roguedetect get rogueinteval get rogueband get roguetype get roguesnmp get roguelegal get autoConfig get autoResponse get autoChangeName...
  • Page 121 Table 24 Console Commands Command get profileVlanId get APPrimaryProfile get WDSPrimaryProfile get securityMode get Accounting get Accountingport get keyValue get keyLength get keyIndex get UAM get UAMMethod get UAMLoginURL get UAMLoginFailURL get macAuth get snmpMode get snmpCommunity get snmpAccessRight get snmpAnyStaMode get snmpStationIPAddr get trapMode get trapVersion...
  • Page 122 B: C PPENDIX OMMAND Table 24 Console Commands Command help Lebradeb ping radar! reboot quit set 11gonly set 11goptimize set 11goverlapbss set acl set aging set antenna set authentication set autochannelselect set basic11b set basic11g set beaconinterval set burstSeqThreshold set burstTime set calibration set cckTrigHigh set cckTrigLow...
  • Page 123 Table 24 Console Commands Command set compproc set compwinsize set countrycode set ctsmode set ctsrate set ctstype set domainsuffix set dtim set enableANI set encryption set extendedchanmode set factorydefault set firStepLvl set fragmentthreshold set frequency set gateway set gbeaconrate set groupkeyupdate set gdraft5 set hostipaddr set ipaddr...
  • Page 124 B: C PPENDIX OMMAND Table 24 Console Commands Command set overRidetxpower set operationMode set password set passphrase set power set quietAckCtsAllow set quietDuration set quietOffset set radiusname set radiusport set radiussecret set rate set regulatorydomain set remoteAP set hwtxretries set swtxretries set rtsthreshold set shortpreamble set shortslottime...
  • Page 125 Table 24 Console Commands Command set wlanstate set wirelessmode set 80211d set http set HttpPort set https set HttpsPort set syslog set syslogSeverity set syslogServer set manageOnlyLan set roguedetect set rogueinteval set rogueband set roguetype set roguesnmp set roguelegal set autoConfig set autoResponse set autoChangeName set autoSetResp...
  • Page 126 B: C PPENDIX OMMAND Table 24 Console Commands Command set profileName set profileVlanId set APPrimaryProfile set WDSPrimaryProfile set securityMode set Accounting set Accountingport set keyValue set keyLength set keyIndex set UAM set UAMMethod set UAMLoginURL set UAMLoginFailURL set macAuth set snmpMode set snmpCommunity set snmpAccessRight set snmpAnyStaMode...
  • Page 127 Table 24 Console Commands Command set sdSet set sdAdd set sdDel start wlan stop wlan timeofday version Command Reference Description Set debug level Add debug level Del debug level Start the current WLAN Stop the current WLAN Display current time of day Software version...
  • Page 128 B: C PPENDIX OMMAND EFERENCE...

  • Page 129: Wireless Lan Basics

    This appendix provides basic information on wireless local networks. Other terms related to wireless networks that are not included in this appendix can be found in the Wireless Modes There are two modes in which wireless local networks can operate: ■...

  • Page 130: Ess/Essid

    C: W LAN B PPENDIX IRELESS ESS/ESSID A group of wireless stations and multiple Access Points, all using the same ID (ESSID), form an Extended Service Set (ESS). Different Access Points within an ESS can use different channels. To reduce interference, it is recommended that adjacent Access Points should use different channels.

  • Page 131: Wpa-Psk

    WPA-PSK Like WEP, data is encrypted before transmission. WPA is more secure than WEP, and should be used if possible. The PSK (pre-shared key) must be entered on each wireless station. The 256Bit encryption key is derived from the PSK, and changes frequently. WPA-802.1x This version of WPA requires a RADIUS Server on the local network to provide the client authentication according to the 802.1x standard.
  • Page 132 C: W LAN B PPENDIX IRELESS ASICS...

  • Page 133: Onfiguring The

    This appendix provides information on how to configure the TCP/IP settings of a wireless station on different Windows platforms. Overview of TCP/IP Transmission Control Protocol/Internet Protocol (TCP/IP) is probably the most widely known and is a combination of two protocols (IP and TCP) working together.
  • Page 134 D: C TCP/IP S PPENDIX ONFIGURING THE ETTINGS OF IRELESS TATIONS Figure 56 Local Area Connection Properties Dialog Box on Windows XP 3 Click Internet Protocol (TCP/IP), and then click Properties. The TCP/IP Properties dialog box, as shown in Figure 61, appears.
  • Page 135 Figure 57 Internet Protocol (TCP/IP) Properties Dialog Box on Windows XP 4 Verify that the TCP/IP settings are correct. If a DHCP server automatically assigns IP addresses on the network, ■ click Obtain an IP address automatically. If static IP addresses are assigned to computers on the network, click ■...

  • Page 136: Configuring Tcp/Ip On Windows 2000

    D: C PPENDIX ONFIGURING THE Configuring TCP/IP To configure the TCP/IP settings of a wireless station that is running on Windows 2000 Windows 2000: 1 From the Start menu, point to Settings, and then click Network and Dial-up Connections. 2 Right-click the local area network connection that you want to configure, and then click Properties.
  • Page 137 Figure 59 Internet Protocol (TCP/IP) Properties Dialog Box on Windows 2000 4 Verify that the TCP/IP settings are correct. If a DHCP server automatically assigns IP addresses on the network, ■ click Obtain an IP address automatically. If static IP addresses are assigned to computers on the network, click ■...

  • Page 138: Configuring Tcp/Ip On Windows

    D: C PPENDIX ONFIGURING THE Configuring TCP/IP To configure the TCP/IP settings of a wireless station that is running on Windows Windows Me, 9x, or 95: Me/98/95 1 From the Start menu, point to Settings, and then click Control Panel. 2 Double-click Network.

  • Page 139: Configuring Tcp/Ip On Windows Nt

    ■ ■ 5 Click OK. You may have to restart the wireless station for the changes to take effect. Configuring TCP/IP To configure the TCP/IP settings of a wireless station that is running on Windows NT 4.0 Windows NT 4.0: 1 From the Start menu, point to Settings, and then click Control Panel.
  • Page 140 D: C TCP/IP S PPENDIX ONFIGURING THE ETTINGS OF IRELESS TATIONS Figure 62 Network Dialog Box on Windows NT 3 Select the TCP/IP component for the wireless network card, and then click Properties. The Microsoft TCP/IP Properties dialog box, as shown in Figure 61, appears.
  • Page 141 Figure 63 Microsoft TCP/IP Properties Dialog Box 4 Verify that the TCP/IP settings are correct. If a DHCP server automatically assigns IP addresses on the network, ■ click Obtain an IP address automatically. If static IP addresses are assigned to computers on the network, click ■...
  • Page 142 D: C TCP/IP S PPENDIX ONFIGURING THE ETTINGS OF IRELESS TATIONS...

  • Page 143: Upport For Your Product

    Warranty and other service benefits are enabled through product registration. Register your product at 3Com eSupport services are based on accounts that you create or have authorization to access. First time users must apply for a user name and password that provides access to a number of eSupport features including Product Registration, Repair Services, and Service Request.

  • Page 144: Troubleshoot Online

    E: O PPENDIX BTAINING UPPORT FOR Troubleshoot You will find support tools posted on the 3Com Web site at Online http://www.3com.com/ 3Com Knowledgebase helps you troubleshoot 3Com products. This query-based interactive tool is located at http://knowledgebase.3com.com solutions written by 3Com support engineers.

  • Page 145: Contact Us

    To send a product directly to 3Com for repair, you must first obtain a return authorization number (RMA). Products sent to 3Com, without authorization numbers clearly marked on the outside of the package, will be returned to the sender unopened, at the sender’s expense. If your...
  • Page 146 You can also obtain support in this region using the following URL: http://emea.3com.com/support/email.html Latin America Telephone Technical Support and Repair Antigua 1 800 988 2112 Argentina 0 810 444 3COM Aruba 1 800 998 2112 Bahamas 1 800 998 2112 Barbados...

  • Page 147: Safety Information

    Important Safety Information WARNING: Warnings contain directions that you must follow for your personal safety. Follow all directions carefully. You must read the following safety information carefully before you install or remove the unit. WARNING: The Access Point generates and uses radio frequency (rf) energy.

  • Page 148: Wichtige Sicherheitshinweise

    F: S PPENDIX AFETY NFORMATION WARNING: RJ-45 ports. These are shielded RJ-45 data sockets. They cannot be used as telephone sockets. Connect only RJ-45 data connectors to these sockets. Wichtige Sicherheitshinweise VORSICHT: Warnhinweise enthalten Anweisungen, die Sie zu Ihrer eigenen Sicherheit befolgen müssen. Alle Anweisungen sind sorgfältig zu befolgen.

  • Page 149: Consignes Importantes De Sécurité

    VORSICHT: RJ-45-Anschlüsse. Dies sind abgeschirmte RJ-45-Datenbuchsen. Sie können nicht als Telefonanschlußbuchsen verwendet werden. An diesen Buchsen dürfen nur RJ-45-Datenstecker angeschlossen werden. Consignes Importantes de Sécurité AVERTISSEMENT: Les avertissements présentent des consignes que vous devez respecter pour garantir votre sécurité personnelle. Vous devez respecter attentivement toutes les consignes.
  • Page 150 F: S PPENDIX AFETY NFORMATION AVERTISSEMENT: Débranchez l'adaptateur électrique avant de retirer cet appareil. AVERTISSEMENT: Ports RJ-45. Il s'agit de prises femelles blindées de données RJ-45. Vous ne pouvez pas les utiliser comme prise de téléphone. Branchez uniquement des connecteurs de données RJ-45 sur ces prises femelles.
  • Page 151 LOSSARY 802.11a The IEEE specification for wireless Ethernet which allows speeds of up to 54 Mbps in the 5GHz range. The standard provides for 6, 12, 24, 36, 48 and 54 Mbps data rates. The rates will switch automatically depending on range and environment. 802.11b The IEEE specification for wireless Ethernet which allows speeds of up to 11 Mbps.
  • Page 152 DNS server address DNS stands for Domain Name System, which allows Internet host computers to have a domain name (such as 3com.com) and one or more IP addresses (such as 192.34.45.8). A DNS server keeps a database of host computers and their respective domain names and IP addresses, so that when a domain name is requested (as in typing “3com.com”...
  • Page 153 LOSSARY they connect LANs of the same type; however they connect more LANs than a repeater and are generally more sophisticated. IEEE Institute of Electrical and Electronics Engineers. This American organization was founded in 1963 and sets standards for computers and communications.
  • Page 154 LOSSARY network A network is a collection of computers and other computer equipment that are connected for the purpose of exchanging information or sharing resources. Networks vary in size, some are within a single room, others span continents. network interface A circuit board installed into a piece of computing equipment, for card (NIC) example, a computer, that enables you to connect it to the network.
  • Page 155 its destination. IP relates to the address of the end station to which data is being sent, as well as the address of the destination network. traffic The movement of data packets on a network. Wired Equivalent Privacy. A shared key encryption mechanism for wireless networking.
  • Page 156 LOSSARY...
  • Page 157 NDEX Numbers 3Com Access Point Manager 23, 88 802.1x client authentication 74 access control 45 backing up trusted list 49 deleting a MAC address 47 importing trusted list 47 MAC address-based 48 manually adding a trusted station 46 administrator access...
  • Page 158 NDEX viewing 83 maximum throughput 6 Microsoft IAS as RADIUS server 63 CA server setup 68 DHCP server setup 65 domain controller setup 63 required services 64 setting up as RADIUS server 70 multiple SSIDs 13 benefits 13 output power level 58 package contents 16 physical features 17 back panel 17...
  • Page 159 configuring 40 external authentication 42 internal authentication 41 Universal Access Method. See UAM VLAN 14 VLAN support 44 WDS 7, 8 supported encryption 10 Web interface buttons 28 connecting 22 menu 27 navigating 27 tabs 27 timeout setting 28 key 40 key index 40 wireless bridge 8 point-to-multipoint (PTMP) 9...
  • Page 160 NDEX...
  • Page 161 EGULATORY OTICES HANNEL ESTRICTIONS FCC S TATEMENT CSA S TATEMENT CE S TATEMENT UROPE VCCI S TATEMENT Use of the OfficeConnect Wireless 108 Mbps 11g PoE Access Point is only authorized for the channels approved by each country. For proper installation, log on to the Web interface, and then select your country from the drop-down list.
  • Page 162 IC S TATEMENT This digital apparatus does not exceed the Class B limits for radio noise emissions from digital apparatus set out in the interference-causing equipment standard entitled “Digital Apparatus”, ICES-003 of Industry Canada. Cet appareil numérique respecte les limites de bruits radioélectriques applicables aux appareils numériques de Classe B préscrites dans la norme sur le matèriel brouilleur: “Appareils Numériques”, NMB-003 édictée par l'Industrie Canada.

This manual is also suitable for:

Officeconnect 3crgpoe100753crgpoe10075-us - officeconnect wireless 108mbps 11g poe access pointOfficeconnect wl-529

Table of Contents