Page 1 ZyAIR G-5100 Outdoor 802.11g Business Access Point/Bridge/Repeater User’s Guide Version 3.50 11/2004...
Page 2: Copyright
Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others.
Page 3: Federal Communications Commission (Fcc) Interference Statement
Certifications Go to www.zyxel.com 1 Select your product from the drop-down list box on the ZyXEL home page to go to that product's page. 2 Select the certification you wish to view from this page Federal Communications Commission (FCC) Interference Statement...
Page 4: Zyxel Limited Warranty
Any replacement will consist of a new or re-manufactured functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.
Page 5: Customer Support
ZyAIR G-5100 User’s Guide Customer Support Please have the following information ready when you contact customer support. • Product model and serial number. • Warranty Information. • Date that you received your device. • Brief description of the problem and the steps you took to solve it.
Page 6: Table Of Contents
ZyAIR G-5100 User’s Guide Table of Contents Copyright ........................2 Federal Communications Commission (FCC) Interference Statement ....3 ZyXEL Limited Warranty..................4 Customer Support....................5 Preface ........................22 Chapter 1 Getting to Know Your ZyAIR ................. 26 1.1 Introducing the ZyAIR ..................26 1.2 ZyAIR Features ....................26...
Page 7 ZyAIR G-5100 User’s Guide Chapter 4 System Screens ..................... 48 4.1 System Overview ....................48 4.2 Configuring General Setup .................48 4.3 Configuring Password ..................49 4.4 Configuring Time Setting ...................50 Chapter 5 Wireless Configuration and Roaming ..............54 5.1 Wireless LAN Overview ..................54 5.1.1 IBSS ......................54...
Page 8 ZyAIR G-5100 User’s Guide 6.10.1 User Authentication ................81 6.10.2 Encryption ....................81 6.11 WPA-PSK Application Example ................81 6.12 WPA with RADIUS Application Example ............82 6.13 Security Parameters Summary ................83 6.14 Wireless Client WPA Supplicants ..............84 6.15 Configuring 802.1x and WPA ................84 6.16 Authentication Required: 802.1x ..............85...
Page 9 ZyAIR G-5100 User’s Guide Chapter 10 Log Screens......................120 10.1 Configuring View Log ..................120 10.2 Configuring Log Settings ................122 Chapter 11 Maintenance ......................126 11.1 Maintenance Overview ...................126 11.2 System Status Screen ..................126 11.2.1 System Statistics ...................127 11.3 Association List ....................128 11.4 Channel Usage ....................129...
Page 10 ZyAIR G-5100 User’s Guide 14.3.3 Configuring Bridge Link ................154 Chapter 15 Dial-in User Setup ....................158 15.1 Dial-in User Setup ..................158 Chapter 16 SNMP Configuration .................... 160 16.1 About SNMP ....................160 16.2 Supported MIBs ....................161 16.3 SNMP Configuration ..................161 16.4 SNMP Traps ....................162 Chapter 17 System Security ....................
Page 11 ZyAIR G-5100 User’s Guide 19.4.2 Configuration File Upload ..............183 19.4.3 Using the FTP command from the DOS Prompt Example ....183 19.4.4 TFTP File Upload ..................184 19.4.5 Example: TFTP Command ..............185 19.4.6 Uploading Via Console Port ..............185 19.4.7 Uploading Firmware File Via Console Port ...........185 19.4.8 Example Xmodem Firmware Upload Using HyperTerminal ....186...
Page 12 ZyAIR G-5100 User’s Guide Appendix H Types of EAP Authentication ................232 Appendix I Outdoor Site Planning ..................234 Appendix J Outdoor Installation Recommendations ............240 Appendix K Command Interpreter................... 244 Appendix L Brute-Force Password Guessing Protection............. 246 Appendix M Log Descriptions....................
Page 13 ZyAIR G-5100 User’s Guide Table of Contents...
Page 14 ZyAIR G-5100 User’s Guide List of Figures Figure 1 PoE Installation Example ..................27 Figure 2 WDS Functionality Example ................. 27 Figure 3 Access Point Application ..................31 Figure 4 AP+Bridge Application ..................32 Figure 5 Bridge Application ....................33 Figure 6 Repeater Application .....................
Page 15 ZyAIR G-5100 User’s Guide Figure 37 Wireless LAN: 802.1x/WPA ................85 Figure 38 Wireless LAN: 802.1x/WPA for 802.1x Protocol ..........86 Figure 39 Wireless LAN: 802.1x/WPA for WPA Protocol ............ 90 Figure 40 Wireless LAN: 802.1x/WPA for WPA-PSK Protocol ..........92 Figure 41 IP Setup ......................
Page 16 ZyAIR G-5100 User’s Guide Figure 80 Menu 3.5 Wireless LAN Setup ................153 Figure 81 Menu 3.5.2 - Roaming Configuration ..............154 Figure 82 Menu 3.5 Wireless LAN Setup ................155 Figure 83 Menu 3.5.4 - Bridge Link Configuration .............. 156 Figure 84 Menu 14- Dial-in User Setup ................
Page 17 ZyAIR G-5100 User’s Guide Figure 123 Windows XP: Start Menu .................. 210 Figure 124 Windows XP: Control Panel ................210 Figure 125 Windows XP: Control Panel: Network Connections: Properties ....... 211 Figure 126 Windows XP: Local Area Connection Properties ..........211 Figure 127 Windows XP: Internet Protocol (TCP/IP) Properties .........
Page 18 ZyAIR G-5100 User’s Guide List of Tables Table 1 IEEE 802.11g ......................28 Table 2 IEEE 802.11b ......................28 Table 3 Screens Summary ....................37 Table 4 Wizard 1: General Setup ..................41 Table 5 Wizard 2: Wireless LAN Setup ................42 Table 6 Private IP Address Ranges ...................
Page 19 ZyAIR G-5100 User’s Guide Table 37 System Status ...................... 126 Table 38 System Status: Show Statistics ................127 Table 39 Association List ....................129 Table 40 Channel Usage ....................130 Table 41 Firmware Upload ....................131 Table 42 Restore Configuration ..................134 Table 43 Main Menu Commands ..................
Page 20 ZyAIR G-5100 User’s Guide Table 80 Power over Ethernet Injector Specifications ............204 Table 81 Power over Ethernet Injector RJ-45 Port Pin Assignments ......... 204 Table 82 Classes of IP Addresses ..................218 Table 83 Allowed IP Address Range By Class ..............219 Table 84 “Natural”...
Page 21 ZyAIR G-5100 User’s Guide List of Tables...
Page 22: Preface
ZyAIR G-5100 User’s Guide Preface Congratulations on your purchase of the ZyAIR G-5100 Outdoor 802.11g Business Access Point/Bridge/Repeater. The ZyAIR is an AP through which wireless stations can communicate and/or access a wired network. The ZyAIR can also function as a wireless network bridge/repeater and establish up to six wireless links with other APs.
Page 23: User Guide Feedback
• For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for “that is” or “in other words” throughout this manual. • The ZyAIR G-5100 may be referred to simply as the ZyAIR in the user’s guide. Preface...
Page 24: Graphics Icons Key
ZyAIR G-5100 User’s Guide Graphics Icons Key ZyAIR Computer Notebook computer Server DSLAM Firewall Modem Switch Router Wireless Signal Preface...
Page 25 ZyAIR G-5100 User’s Guide Preface...
Page 26: Getting To Know Your Zyair
Power over Ethernet (PoE) is the ability to provide power to your ZyAIR via an 8-pin CAT 5 Ethernet cable, eliminating the need for a nearby power source. The ZyAIR G-5100 includes a special high current power injector that allows the ZyAIR to be located farther away. This feature allows increased flexibility in the locating of your ZyAIR.
Page 27: Figure 1 Poe Installation Example
ZyAIR G-5100 User’s Guide Figure 1 PoE Installation Example Wi-Fi Protected Access Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification draft. Key differences between WPA and WEP are user authentication and improved data encryption. WDS Functionality A Distribution System (DS) is a wired connection between two or more APs, while a Wireless Distribution System (WDS) is a wireless connection.
Page 28: Table 1 Ieee 802.11G
ZyAIR G-5100 User’s Guide IEEE 802.11g Wireless LAN Standard The ZyAIR complies with the IEEE 802.11g wireless standard. IEEE 802.11g has several intermediate rate steps between the maximum and minimum data rates. The IEEE 802.11g data rate and modulation are as follows. The modulation technique defines how bits are encoded onto radio waves.
Page 29: Vpn Passthrough
ZyAIR G-5100 User’s Guide SSL Passthrough SSL (Secure Sockets Layer) uses a public key to encrypt data that's transmitted over an SSL connection. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with “https”...
Page 30: Applications For The Zyair
ZyAIR G-5100 User’s Guide SNMP SNMP (Simple Network Management Protocol) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your ZyAIR supports SNMP agent functionality, which allows a manger station to manage and monitor the ZyAIR through the network.
Page 31: Access Point
ZyAIR G-5100 User’s Guide 3 Bridge/Repeater Applications for each operating mode are shown below. 1.3.1 Access Point The ZyAIR is an ideal access solution for wireless Internet connection. A typical Internet access application for your ZyAIR is shown as follows. Stations A, B and C can access the wired network through the ZyAIRs.
Page 32: Bridge / Repeater
ZyAIR G-5100 User’s Guide Figure 4 AP+Bridge Application 1.3.3 Bridge / Repeater The ZyAIR can act as a wireless network bridge and establish wireless links with other APs. In bridge mode, the ZyAIRs (see A and B in Figure 5 on page 33) are connected to independent wired networks and have a bridge (A can communicate with B) connection at the same time.
Page 33: Figure 5 Bridge Application
ZyAIR G-5100 User’s Guide Figure 5 Bridge Application Figure 6 Repeater Application Chapter 1 Getting to Know Your ZyAIR...
Page 34: Introducing The Web Configurator
ZyAIR G-5100 User’s Guide H A P T E R Introducing the Web Configurator This chapter describes how to access the ZyAIR web configurator and provides an overview of its screens. The default IP address of the ZyAIR is 192.168.1.2.
Page 35: Resetting The Zyair
ZyAIR G-5100 User’s Guide Figure 8 Replace Certificate Screen. 8 You should now see the MAIN MENU screen (see Figure 10 on page 37). Note: The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires (default five minutes).
Page 36: Navigating The Zyair Web Configurator
ZyAIR G-5100 User’s Guide Figure 9 Example Xmodem Upload Type the configuration file’s location, or click Browse to search for it. Choose the Xmodem protocol. Then click Send. 4 After a successful configuration file upload, type “atgo” to restart the ZyAIR.
Page 37: Figure 10 The Main Menu Screen Of The Web Configurator
ZyAIR G-5100 User’s Guide Figure 10 The MAIN MENU Screen of the Web Configurator Use submenus to configure ZyAIR features. Click LOGOUT at any time to exit the web configurator. The following table describes the sub-menus. Table 3 Screens Summary...
Page 38 ZyAIR G-5100 User’s Guide Table 3 Screens Summary (continued) LINK FUNCTION AUTH. SERVER Setting Configure this screen to use the internal server to authenticate wireless users. Trusted AP Configure this screen to allow specified AP’s to communicate with the ZyAIR.
Page 39 ZyAIR G-5100 User’s Guide Chapter 2 Introducing the Web Configurator...
Page 40: Chapter 3 Wizard Setup
ZyAIR G-5100 User’s Guide H A P T E R Wizard Setup This chapter provides information on the Wizard Setup screens in the web configurator. 3.1 Wizard Setup Overview The web configurator’s setup wizard helps you configure your ZyAIR for wireless stations to access your wired LAN.
Page 41: Wizard Setup: General Setup
ZyAIR G-5100 User’s Guide 3.2 Wizard Setup: General Setup General Setup contains administrative and system-related information. The Domain Name entry is what is propagated to the DHCP clients on the LAN. If you leave this blank, the domain name obtained by DHCP from the ISP is used. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the ZyAIR via DHCP.
Page 42: Wizard Setup: Wireless Lan
ZyAIR G-5100 User’s Guide 3.3 Wizard Setup: Wireless LAN Use the second wizard screen to set up the wireless LAN. Figure 12 Wizard 2: Wireless LAN Setup The following table describes the labels in this screen. Table 5 Wizard 2: Wireless LAN Setup...
Page 43: Wizard Setup: Ip Address
ZyAIR G-5100 User’s Guide Table 5 Wizard 2: Wireless LAN Setup (continued) LABEL DESCRIPTION Key 1 to Key 4 The WEP keys are used to encrypt data. Both the ZyAIR and the wireless stations must use the same WEP key for data transmission.
Page 44: Ip Address And Subnet Mask
ZyAIR G-5100 User’s Guide 3.4.2 IP Address and Subnet Mask Similar to the way houses on a street share a common street name, so too do computers on a LAN share one common network number. Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
Page 45: Figure 13 Wizard 3: Ip Address Assignment
ZyAIR G-5100 User’s Guide Figure 13 Wizard 3: IP Address Assignment The following table describes the labels in this screen. Table 7 Wizard 3: IP Address Assignment LABEL DESCRIPTION IP Address Assignment Get automatically from Select this option if your ZyAIR is using a dynamically assigned IP address DHCP from a DHCP server each time.
Page 46: Basic Setup Complete
ZyAIR G-5100 User’s Guide 3.5 Basic Setup Complete When you click Finish in the Wizard 3 IP Address Assignment screen, a warning window display as shown. Click OK to close the window and log in to the web configurator again using the new IP address if you changed from the default IP address (192.168.1.2).
Page 47 ZyAIR G-5100 User’s Guide Chapter 3 Wizard Setup...
Page 48: Chapter 4 System Screens
ZyAIR G-5100 User’s Guide H A P T E R System Screens 4.1 System Overview This section provides information on general system setup. 4.2 Configuring General Setup Click the SYSTEM link under ADVANCED to open the General screen. Figure 15 System General The following table describes the labels in this screen.
Page 49: Configuring Password
ZyAIR G-5100 User’s Guide Table 8 System General Setup (continued) LABEL DESCRIPTION Domain Name This is not a required field. Leave this field blank or enter the domain name here if you know it. Administrator Type how many minutes a management session (either via the web Inactivity Timer configurator or SMT) can be left idle before the session times out.
Page 50: Configuring Time Setting
ZyAIR G-5100 User’s Guide Figure 16 Password. The following table describes the labels in this screen. Table 9 Password LABEL DESCRIPTIONS Old Password Type in your existing system password (1234 is the default password). New Password Type your new system password (up to 31 characters). Note that as you type a password, the screen displays an asterisk (*) for each character you type.
Page 51: Figure 17 Time Setting
ZyAIR G-5100 User’s Guide Figure 17 Time Setting The following table describes the labels in this screen. Table 10 Time Setting LABEL DESCRIPTION Time Protocol Select the time service protocol that your time server sends when you turn on the ZyAIR. Not all time servers support all protocols, so you may have to check with your ISP/network administrator or use trial and error to find a protocol that works.
Page 52 ZyAIR G-5100 User’s Guide Table 10 Time Setting (continued) LABEL DESCRIPTION New Time (hh:mm:ss) This field displays the last updated time from the time server. When you select None in the Time Protocol field, enter the new time in this field and then click Apply.
Page 53 ZyAIR G-5100 User’s Guide Chapter 4 System Screens...
Page 54: Wireless Configuration And Roaming
ZyAIR G-5100 User’s Guide H A P T E R Wireless Configuration and Roaming This chapter discusses how to configure the Wireless and Roaming screens. 5.1 Wireless LAN Overview This section introduces the wireless LAN (WLAN) and some basic scenarios.
Page 55: Ess
ZyAIR G-5100 User’s Guide Intra-BSS traffic is traffic between wireless stations in the BSS. When Intra-BSS is enabled, wireless station A and B can access the wired network and communicate with each other. When Intra-BSS is disabled, wireless station A and B can still access the wired network but cannot communicate with each other.
Page 56: Wireless Lan Basics
ZyAIR G-5100 User’s Guide Figure 20 Extended Service Set 5.2 Wireless LAN Basics Refer also to Chapter 3 on page 40 for more background information on Wireless LAN features, such as channels. 5.2.1 RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other.
Page 57: Fragmentation Threshold
ZyAIR G-5100 User’s Guide Figure 21 RTS/CTS When station A sends data to the ZyAIR, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Page 58: Spanning Tree Protocol (Stp)
ZyAIR G-5100 User’s Guide A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference. If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size.
Page 59: How Stp Works
ZyAIR G-5100 User’s Guide For each LAN segment, a designated bridge is selected. This bridge has the lowest cost to the root among the bridges connected to the LAN. 5.3.3 How STP Works After a bridge determines the lowest cost-spanning tree with STP, it enables the root port and the ports that are the designated ports for connected LANs, and disables all other ports that participate in STP.
Page 60: Access Point Mode
ZyAIR G-5100 User’s Guide 5.4.1 Access Point Mode Select Access Point in the Operating Mode drop-down list box to display the screen as shown next. Figure 22 Wireless: Access Point The following table describes the general wireless LAN labels in this screen.
Page 61: Table 13 Wireless: Access Point
ZyAIR G-5100 User’s Guide Table 13 Wireless: Access Point LABEL DESCRIPTION Operating Mode Select the operating mode from the drop-down list. The options are Access Point, Bridge/Repeater and AP+Bridge. Name (SSID) (Service Set IDentity) The SSID identifies the Service Set with which a wireless station is associated.
Page 62: Bridge/Repeater Mode
ZyAIR G-5100 User’s Guide Table 13 Wireless: Access Point (continued) LABEL DESCRIPTION Enable Intra- Select this check box to allow wireless stations connected to the ZyAIR to BSS Traffic communicate with each other. Disable Intra-BSS traffic to only allow wireless stations to communicate with the wired network, not with each other.
Page 63: Figure 23 Bridging Example
ZyAIR G-5100 User’s Guide In the example below, when both ZyAIRs are in Bridge/Repeater mode, they form a WDS (Wireless Distribution System) allowing the computers in LAN 1 to connect to the computers in LAN 2. Figure 23 Bridging Example Be careful to avoid bridge loops when you enable bridging in the ZyAIR.
Page 64: Figure 25 Bridge Loop: Bridge Connected To Wired Lan
ZyAIR G-5100 User’s Guide Figure 25 Bridge Loop: Bridge Connected to Wired LAN To prevent bridge loops, ensure that you enable STP in the Wireless screen or your ZyAIR is not set to bridge mode while connected to both wired and wireless segments of the same LAN.
Page 65: Figure 26 Wireless: Bridge/Repeater
ZyAIR G-5100 User’s Guide Figure 26 Wireless: Bridge/Repeater The following table describes the labels in this screen that are specific to bridge/repeater mode. Table 14 Wireless: Bridge/Repeater LABEL DESCRIPTIONS Operating Mode Select Bridge/Repeater in this field to display the screen shown above.
Page 66: Ap+Bridge Mode
ZyAIR G-5100 User’s Guide Table 14 Wireless: Bridge/Repeater (continued) LABEL DESCRIPTIONS Type a pre-shared key from 8 to 63 case-sensitive ASCII characters (including spaces and symbols). When the ZyAIR is in Bridge/Repeater mode, you don’t have to enter a pre- shared key, but the traffic between devices won’t be encrypted if you don’t.
Page 67: Figure 27 Wireless: Ap+Bridge
ZyAIR G-5100 User’s Guide Figure 27 Wireless: AP+Bridge Table 13 on page 61 Table 14 on page 65 descriptions of the fields in the Access Point and Bridge/Repeater operating modes for descriptions of the fields in this screen. Chapter 5 Wireless Configuration and Roaming...
Page 68: Configuring Roaming
(bridge tables are updated) and maximum AP efficiency. The AP deletes records of wireless stations that associate with other APs (Non-ZyXEL APs may not be able to perform this). IEEE 802.1x authentication information is not exchanged (at the time of writing).
Page 69: Requirements For Roaming
ZyAIR G-5100 User’s Guide Figure 28 Roaming Example The steps below describe the roaming process. 1 As wireless station Y moves from the coverage area of access point AP 1 to that of access point 2 AP 2, it scans and uses the signal of access point AP 2.
Page 70: Figure 29 Roaming
ZyAIR G-5100 User’s Guide To enable roaming on your ZyAIR, click the WIRELESS link under ADVANCED and then the Roaming tab. The screen appears as shown. Figure 29 Roaming The following table describes the labels in this screen. Table 15 Roaming...
Page 71 ZyAIR G-5100 User’s Guide Chapter 5 Wireless Configuration and Roaming...
Page 72: Chapter 6 Wireless Security
ZyAIR G-5100 User’s Guide H A P T E R Wireless Security This chapter describes how to configure security for your ZyAIR’s wireless connections. 6.1 Wireless Security Overview Wireless security is vital to your network to protect wireless communication between wireless stations, access points and the wired network.
Page 73: Data Encryption
ZyAIR G-5100 User’s Guide 6.2.1 Data Encryption WEP provides a mechanism for encrypting data using encryption keys. Both the AP and the wireless stations must use the same WEP key to encrypt and decrypt data. Your ZyAIR allows you to configure up to four 64-bit or 128-bit WEP keys, but only one key can be enabled at any one time.
Page 74: Configuring Wep Encryption
ZyAIR G-5100 User’s Guide When your ZyAIR's authentication method is set to open system, it will only accept open system authentication requests. The same is true for shared key authentication. However, when it is set to auto authentication, the ZyAIR will accept either type of authentication request and the ZyAIR will fall back to use open authentication if the shared key does not match.
Page 75: Figure 32 Wireless: Wep
ZyAIR G-5100 User’s Guide Figure 32 Wireless: WEP The following table describes the wireless LAN security labels in this screen. Table 16 Wireless: WEP LABEL DESCRIPTION WEP Encryption Select Disable to allow wireless stations to communicate with the access points without any data encryption.
Page 76: Mac Filter
ZyAIR G-5100 User’s Guide Table 16 Wireless: WEP (continued) LABEL DESCRIPTION Key 1 to The WEP keys are used to encrypt data. Both the ZyAIR and the wireless stations must use the same WEP key for data transmission. Key 4 If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F").
Page 77: Figure 33 Mac Address Filter
ZyAIR G-5100 User’s Guide Figure 33 MAC Address Filter The following table describes the labels in this screen. Table 17 MAC Address Filter LABEL DESCRIPTION Active Select Yes from the drop down list box to enable MAC address filtering. Filter Action Define the filter action for the list of MAC addresses in the MAC address filter table.
Page 78: Ieee 802.1X Overview
ZyAIR G-5100 User’s Guide Table 17 MAC Address Filter (continued) LABEL DESCRIPTION MAC Address Enter the MAC addresses (in XX:XX:XX:XX:XX:XX format) of the wireless station that are allowed or denied access to the ZyAIR in these address fields. Apply Click Apply to save your changes back to the ZyAIR.
Page 79: Eap Authentication Overview
ZyAIR G-5100 User’s Guide • Access-Reject Sent by a RADIUS server rejecting access. • Access-Accept Sent by a RADIUS server allowing access. • Access-Challenge Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access- Request message.
Page 80: Dynamic Wep Key Exchange
ZyAIR G-5100 User’s Guide Figure 34 EAP Authentication The details below provide a general description of how IEEE 802.1x EAP authentication works. For an example list of EAP-MD5 authentication steps, see the IEEE 802.1x appendix. 1 The wireless station sends a “start” message to the ZyAIR.
Page 81: Introduction To Wpa
ZyAIR G-5100 User’s Guide 6.10 Introduction to WPA Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification draft. Key differences between WPA and WEP are user authentication and improved data encryption. 6.10.1 User Authentication WPA applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using a RADIUS database.
Page 82: Wpa With Radius Application Example
ZyAIR G-5100 User’s Guide 1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist of between 8 and 63 ASCII characters (including spaces and symbols). 2 The AP checks each client’s password and (only) allows it to join the network if it matches its password.
Page 83: Security Parameters Summary
ZyAIR G-5100 User’s Guide Figure 36 WPA with RADIUS Application Example 6.13 Security Parameters Summary Refer to this table to see what other security parameters you should configure for each Authentication Method/ key management protocol type. You enter manual keys by first selecting 64-bit WEP or 128-bit WEP from the WEP Encryption field and then typing the keys (in ASCII or hexadecimal format) in the key text boxes.
Page 84: Wireless Client Wpa Supplicants
ZyAIR G-5100 User’s Guide Table 18 Wireless Security Relational Matrix AUTHENTICATION METHOD/ KEY ENCRYPTION ENTER MANUAL IEEE 802.1X MANAGEMENT METHOD PROTOCOL TKIP Enable WPA-PSK Enable WPA-PSK TKIP Enable 6.14 Wireless Client WPA Supplicants A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WPA.
Page 85: Authentication Required: 802.1X
ZyAIR G-5100 User’s Guide Figure 37 Wireless LAN: 802.1x/WPA The following table describes the labels in this screen. Table 19 Wireless LAN: 802.1x/WPA LABEL DESCRIPTION Wireless Port To control wireless stations access to the wired network, select a control method Control from the drop-down list box.
Page 86: Figure 38 Wireless Lan: 802.1X/Wpa For 802.1X Protocol
ZyAIR G-5100 User’s Guide Figure 38 Wireless LAN: 802.1x/WPA for 802.1x Protocol Chapter 6 Wireless Security...
Page 87: Table 20 Wireless Lan: 802.1X/Wpa For 802.1X Protocol
ZyAIR G-5100 User’s Guide The following table describes the labels in this screen. Table 20 Wireless LAN: 802.1x/WPA for 802.1x Protocol LABEL DESCRIPTION Wireless Port To control wireless stations access to the wired network, select a control method Control from the drop-down list box. Choose from No Authentication Required, Authentication Required and No Access Allowed.
Page 88 ZyAIR G-5100 User’s Guide Table 20 Wireless LAN: 802.1x/WPA for 802.1x Protocol (continued) LABEL DESCRIPTION Authentication The authentication database contains wireless station login information. The local Databases user database is the built-in database on the ZyAIR. The RADIUS is an external server.
Page 89: Authentication Required: Wpa
ZyAIR G-5100 User’s Guide Table 20 Wireless LAN: 802.1x/WPA for 802.1x Protocol (continued) LABEL DESCRIPTION Port Number Enter the port number of the external accounting server. The default port number is 1813. You need not change this value unless your network administrator instructs you to do so with additional information.
Page 90: Figure 39 Wireless Lan: 802.1X/Wpa For Wpa Protocol
ZyAIR G-5100 User’s Guide Figure 39 Wireless LAN: 802.1x/WPA for WPA Protocol The following table describes the labels not previously discussed. Chapter 6 Wireless Security...
Page 91: Authentication Required: Wpa-Psk
ZyAIR G-5100 User’s Guide Table 21 Wireless LAN: 802.1x/WPA for WPA Protocol LABEL DESCRIPTIONS Key Management Choose WPA in this field. Protocol WPA Mixed Mode The ZyAIR can operate in WPA Mixed Mode, which supports both clients running WPA and clients running dynamic WEP key exchange with 802.1x in the same Wi- Fi network.
Page 92: Figure 40 Wireless Lan: 802.1X/Wpa For Wpa-Psk Protocol
ZyAIR G-5100 User’s Guide Figure 40 Wireless LAN: 802.1x/WPA for WPA-PSK Protocol The following table describes the labels not previously discussed Table 22 Wireless LAN: 802.1x/WPA for WPA-PSK Protocol LABEL DESCRIPTION Key Management Choose WPA-PSK in this field. Protocol Pre-Shared Key The encryption mechanisms used for WPA and WPA-PSK are the same.
Page 93 ZyAIR G-5100 User’s Guide Chapter 6 Wireless Security...
Page 94: Chapter 7 Ip Screen
ZyAIR G-5100 User’s Guide H A P T E R IP Screen This chapter discusses how to configure IP on the ZyAIR 7.1 Factory Ethernet Defaults The Ethernet parameters of the ZyAIR are preset in the factory with the following values: 1 IP address of 192.168.1.2...
Page 95: Configuring Ip
ZyAIR G-5100 User’s Guide You can obtain your IP address from the IANA, from an ISP or have it assigned by a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks.
Page 96 ZyAIR G-5100 User’s Guide Table 24 IP Setup (continued) LABEL DESCRIPTION IP Address Enter the IP address of your ZyAIR in dotted decimal notation. Note: If you change the ZyAIR's IP address, you must use the new IP address if you want to access the web configurator again.
Page 97 ZyAIR G-5100 User’s Guide Chapter 7 IP Screen...
Page 98: Authentication Server
ZyAIR G-5100 User’s Guide H A P T E R Authentication Server 8.1 Authentication Server Overview The ZyAIR can use its internal RADIUS server to authenticate users or APs. See Chapter 6 on page 72 for background information on RADIUS and EAP.
Page 99: Configuring Trusted Ap
ZyAIR G-5100 User’s Guide Table 25 AUTH. SERVER: Setting LABEL DESCRIPTION Active Enable the authentication server to perform user authentication through an external authentication server. Disable the authentication server to enable user authentication using the local user profile on the ZyAIR.
Page 100: Configuring Trusted Users
ZyAIR G-5100 User’s Guide Figure 43 AUTH. SERVER: Trusted AP The following table describes the labels in this screen. Table 26 AUTH. SERVER: Trusted AP LABEL DESCRIPTION Active Activate an entry to allow that AP to communicate with the ZyAIR.
Page 101: Figure 44 Auth. Server: Trusted Users
ZyAIR G-5100 User’s Guide Figure 44 AUTH. SERVER: Trusted Users The following table describes the labels in this screen. Table 27 AUTH. SERVER: Trusted Users LABEL DESCRIPTION Active Select this check box to activate the user profile. User Name Enter the username (up to 31 characters) for this user profile.
Page 102: Chapter 9 Certificates
ZyAIR G-5100 User’s Guide H A P T E R Certificates This chapter gives background information about public-key certificates and explains how to use them. 9.1 Certificates Overview The ZyAIR can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs.
Page 103: Advantages Of Certificates
ZyAIR G-5100 User’s Guide 9.1.1 Advantages of Certificates Certificates offer the following benefits. • The ZyAIR only has to store the certificates of the certification authorities that you decide to trust, no matter how many devices you need to authenticate.
Page 104: Figure 46 My Certificates
Replace This button displays when the ZyAIR has the factory default certificate. The factory default certificate is common to all ZyAIRs that use certificates. ZyXEL recommends that you use this button to replace the factory default certificate with one that uses your ZyAIR's MAC address.
Page 105: Certificate File Formats
ZyAIR G-5100 User’s Guide Table 28 My Certificates (continued) LABEL DESCRIPTION Type This field displays what kind of certificate this is. REQ represents a certification request and is not yet a valid certificate. Send a certification request to a certification authority, which then issues a certificate. Use the My Certificate Import screen to import the certificate and replace the request.
Page 106: Importing A Certificate
ZyAIR G-5100 User’s Guide • Binary X.509: This is an ITU-T recommendation that defines the formats for X.509 certificates. • PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64 ASCII characters to convert a binary X.509 certificate into a printable form.
Page 107: Creating A Certificate
ZyAIR G-5100 User’s Guide Figure 47 My Certificate Import The following table describes the labels in this screen. Table 29 My Certificate Import LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse to find it.
Page 108: Figure 48 My Certificate Create
ZyAIR G-5100 User’s Guide Figure 48 My Certificate Create The following table describes the labels in this screen. Table 30 My Certificate Create LABEL DESCRIPTION Certificate Name Type up to 31 ASCII characters (not including spaces) to identify this certificate.
Page 109 ZyAIR G-5100 User’s Guide Table 30 My Certificate Create (continued) LABEL DESCRIPTION Organizational Unit Type up to 127 characters to identify the organizational unit or department to which the certificate owner belongs. You may use any character, including spaces, but the ZyAIR drops trailing spaces.
Page 110: My Certificate Details
ZyAIR G-5100 User’s Guide Table 30 My Certificate Create (continued) LABEL DESCRIPTION Type the key that the certification authority gave you. Apply Click Apply to begin certificate or certification request generation. Cancel Click Cancel to quit and return to the My Certificates screen.
Page 111: Figure 49 My Certificate Details
ZyAIR G-5100 User’s Guide Figure 49 My Certificate Details Chapter 9 Certificates...
Page 112: Table 31 My Certificate Details
ZyAIR G-5100 User’s Guide The following table describes the labels in this screen. Table 31 My Certificate Details LABEL DESCRIPTION Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this certificate. You may use any character (not including spaces).
Page 113: Trusted Cas
ZyAIR G-5100 User’s Guide Table 31 My Certificate Details (continued) LABEL DESCRIPTION Subject Alternative This field displays the certificate owner‘s IP address (IP), domain name (DNS) or Name e-mail address (EMAIL). Key Usage This field displays for what functions the certificate’s key can be used. For example, “DigitalSignature”...
Page 114: Figure 50 Trusted Cas
ZyAIR G-5100 User’s Guide Figure 50 Trusted CAs The following table describes the labels in this screen. Table 32 Trusted CAs LABEL DESCRIPTION PKI Storage This bar displays the percentage of the ZyAIR’s PKI storage space that is currently Space in Use in use.
Page 115: Importing A Trusted Ca's Certificate
ZyAIR G-5100 User’s Guide Table 32 Trusted CAs (continued) LABEL DESCRIPTION CRL Issuer This field displays Yes if the certification authority issues Certificate Revocation Lists for the certificates that it has issued and you have selected the Issues certificate revocation lists (CRL) check box in the certificate’s details screen to have the ZyAIR check the CRL before trusting any certificates issued by the certification authority.
Page 116: Trusted Ca Certificate Details
ZyAIR G-5100 User’s Guide The following table describes the labels in this screen. Table 33 Trusted CA Import LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse to find it.
Page 117: Figure 52 Trusted Ca Details
ZyAIR G-5100 User’s Guide Figure 52 Trusted CA Details Chapter 9 Certificates...
Page 118: Table 34 Trusted Ca Details
ZyAIR G-5100 User’s Guide The following table describes the labels in this screen. Table 34 Trusted CA Details LABEL DESCRIPTION Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this key certificate. You may use any character (not including spaces).
Page 119 ZyAIR G-5100 User’s Guide Table 34 Trusted CA Details (continued) LABEL DESCRIPTION Subject Alternative This field displays the certificate’s owner‘s IP address (IP), domain name (DNS) Name or e-mail address (EMAIL). Key Usage This field displays for what functions the certificate’s key can be used. For example, “DigitalSignature”...
Page 120: Chapter 10 Log Screens
ZyAIR G-5100 User’s Guide H A P T E R Log Screens This chapter contains information about configuring general log settings and viewing the ZyAIR’s logs. Refer to Appendix M on page 248 for example log message explanations. 10.1 Configuring View Log The web configurator allows you to look at all of the ZyAIR’s logs in one location.
Page 121: Figure 53 View Log
ZyAIR G-5100 User’s Guide Figure 53 View Log The following table describes the labels in this screen. Table 35 View Log LABEL DESCRIPTION Display Select a log category from the drop down list box to display logs within the selected category. To view all logs, select All Logs.
Page 122: Configuring Log Settings
ZyAIR G-5100 User’s Guide Table 35 View Log (continued) LABEL DESCRIPTION Destination This field lists the destination IP address and the port number of the incoming packet. Notes This field displays additional information about the log entry. 10.2 Configuring Log Settings To change your ZyAIR’s log settings, click LOGS and then Log Settings.
Page 123: Figure 54 Log Settings
ZyAIR G-5100 User’s Guide Figure 54 Log Settings The following table describes the labels in this screen. Table 36 Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below.
Page 124 ZyAIR G-5100 User’s Guide Table 36 Log Settings (continued) LABEL DESCRIPTION Send Log to Logs are sent to the e-mail address specified in this field. If this field is left blank, logs will not be sent via e-mail. Send Alerts to Enter the e-mail address where the alert messages will be sent.
Page 125 ZyAIR G-5100 User’s Guide Chapter 10 Log Screens...
Page 126: Chapter 11 Maintenance
This is the System Name you enter in the first Internet Access Wizard screen. It is for identification purposes ZyNOS Firmware This is the ZyNOS Firmware version and the date created. ZyNOS is ZyXEL's Version proprietary Network Operating System design.
Page 127: System Statistics
ZyAIR G-5100 User’s Guide Table 37 System Status (continued) LABEL DESCRIPTION IP Address This is the Ethernet port IP address. IP Subnet Mask This is the Ethernet port subnet mask. DHCP This is the Ethernet port DHCP role - Client or None.
Page 128: Association List
ZyAIR G-5100 User’s Guide Table 38 System Status: Show Statistics (continued) LABEL DESCRIPTION Collisions This is the number of collisions on this port. Tx B/s This shows the transmission speed in bytes per second on this port. Rx B/s This shows the reception speed in bytes per second on this port.
Page 129: Channel Usage
ZyAIR G-5100 User’s Guide Figure 57 Association List The following table describes the labels in this screen. Table 39 Association List LABEL DESCRIPTION This is the index number of an associated wireless station. MAC Address This field displays the MAC address of an associated wireless station.
Page 130: F/W Upload Screen
Click Refresh to reload the screen. 11.5 F/W Upload Screen Find firmware at www.zyxel.com in a file that (usually) uses the system model name with a "*.bin" extension, e.g., "zyair.bin". The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot.
Page 131: Figure 59 Firmware Upload
ZyAIR G-5100 User’s Guide Click MAINTENANCE and then F/W Upload. Follow the instructions in this screen to upload firmware to your ZyAIR. Figure 59 Firmware Upload The following table describes the labels in this screen. Table 41 Firmware Upload LABEL...
Page 132: Configuration Screen
ZyAIR G-5100 User’s Guide Figure 60 Firmware Upload In Process The ZyAIR automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 61 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the System Status screen.
Page 133: Backup Configuration
ZyAIR G-5100 User’s Guide Click MAINTENANCE, and then the Configuration tab. Information related to backing up configuration, restoring configuration and restoring factory defaults appears as shown next. Figure 63 Configuration 11.6.1 Backup Configuration Backup configuration allows you to back up (save) the ZyAIR’s current configuration to a file on your computer.
Page 134: Restore Configuration
ZyAIR G-5100 User’s Guide 11.6.2 Restore Configuration Restore configuration allows you to upload a new or previously saved configuration file from your computer to your ZyAIR. Table 42 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ...
Page 135: Back To Factory Defaults
ZyAIR G-5100 User’s Guide Figure 66 Configuration Upload Error 11.6.3 Back to Factory Defaults Click the Reset button in this section to clear all user-entered configuration information and returns the ZyAIR to its factory defaults as shown on the screen. The following warning screen will appear.
Page 136: Figure 68 Restart Screen
ZyAIR G-5100 User’s Guide Figure 68 Restart Screen Chapter 11 Maintenance...
Page 137 ZyAIR G-5100 User’s Guide Chapter 11 Maintenance...
Page 138: Chapter 12 Introducing The Smt
ZyAIR G-5100 User’s Guide H A P T E R Introducing the SMT This chapter describes how to access the SMT and provides an overview of its menus 12.1 Introduction to the SMT The ZyAIR’s SMT (System Management Terminal) is a menu-driven interface that you can access from a terminal emulator through the console port or over a telnet connection.
Page 139: Entering The Password
ZyAIR G-5100 User’s Guide Figure 69 Initial Screen Copyright (c) 1994 - 2004 ZyXEL Communications Corp. initialize ch =0, ethernet address: 00:A0:C5:62:B0:E3 initialize ch =1, ethernet address: 00:A0:C5:62:B0:E3 initialize ch =2, ethernet address: 00:00:00:00:00:00 initialize ch =3, ethernet address: 00:A0:C5:62:B0:E3...
Page 140: Navigating The Smt Interface
ZyAIR G-5100 User’s Guide Figure 70 Login Screen Password : xxxx 3 After entering the password you will see the main menu. Please note that if there is no activity for longer than five minutes (default timeout period) after you log in, your ZyAIR will automatically log you out. You will then have to telnet into the ZyAIR again.
Page 141: System Management Terminal Interface Summary
SMT interface. After you enter the password, the SMT displays the main menu, as shown next. Figure 71 SMT Main Menu Copyright (c) 1994 - 2004 ZyXEL Communications Corp. ZyAIR G-5100 Main Menu Getting Started Advanced Management 1. General Setup 22.
Page 142: Changing The System Password
ZyAIR G-5100 User’s Guide Figure 72 SMT Menu Overview Example 12.5 Changing the System Password Change the ZyAIR default password by following the steps shown next. 1 From the main menu, enter 23 to display Menu 23 – System Security.
Page 143: Figure 73 Menu 23.1 System Security: Change Password
ZyAIR G-5100 User’s Guide Figure 73 Menu 23.1 System Security: Change Password Menu 23.1 – System Security – Change Password Old Password= **** New Password= ? Retype to confirm= ? Enter here to CONFIRM or ESC to CANCEL: 4 Type your new system password in the New Password field (up to 30 characters), and press [ENTER].
Page 144: Chapter 13 General Setup
ZyAIR G-5100 User’s Guide H A P T E R General Setup The chapter shows you the information on general setup. 13.1 General Setup Menu 1 – General Setup contains administrative and system-related information (shown next). The System Name field is for identification purposes. It is recommended you type your computer's "Computer name".
Page 145: Figure 74 Menu 1 General Setup
ZyAIR G-5100 User’s Guide Figure 74 Menu 1 General Setup Menu 1 - General Setup System Name= G-5100 Domain Name= First System DNS Server= From DHCP IP Address= N/A Second System DNS Server= None IP Address= N/A Third System DNS Server= None IP Address= N/A Fill in the required fields.
Page 146: Chapter 14 Lan Setup
ZyAIR G-5100 User’s Guide H A P T E R LAN Setup This chapter shows you how to configure the LAN on your ZyAIR. 14.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 – LAN Setup. From the main menu, enter 3 to display menu 3.
Page 147: Wireless Lan Setup
ZyAIR G-5100 User’s Guide Figure 76 Menu 3.2 TCP/IP Setup Menu 3.2 - TCP/IP Setup IP Address Assignment= Static IP Address= 192.168.1.2 IP Subnet Mask= 255.255.255.0 Gateway IP Address= 0.0.0.0 Follow the instructions in the following table on how to configure the fields in this menu.
Page 148: Figure 77 Menu 3.5 Wireless Lan Setup
ZyAIR G-5100 User’s Guide Figure 77 Menu 3.5 Wireless LAN Setup Menu 3.5 - Wireless LAN Setup Operating Mode= Access Point Name (SSID)= ZyXEL Hide Name (SSID)= No Edit MAC Address Filter= No Channel ID= CH06 2437MHz Edit Roaming Configuration= No...
Page 149 ZyAIR G-5100 User’s Guide Table 47 Menu 3.5 Wireless LAN Setup (continued) FIELD DESCRIPTION Key 1 to Key 4 The WEP keys are used to encrypt data. Both the ZyAIR and the wireless stations must use the same WEP key for data transmission.
Page 150: Configuring Mac Address Filter
ZyAIR G-5100 User’s Guide Table 47 Menu 3.5 Wireless LAN Setup (continued) FIELD DESCRIPTION Output Power Level Press [SPACE BAR] to select the amount of power you want the ZyAIR to use for the wireless signal. Use more power for greater range (larger coverage area).
Page 151: Figure 78 Menu 3.5 Wireless Lan Setup
ZyAIR G-5100 User’s Guide Figure 78 Menu 3.5 Wireless LAN Setup Menu 3.5 - Wireless LAN Setup Operating Mode= Access Point Name (SSID)= ZyXEL Hide Name (SSID)= No Edit MAC Address Filter= Yes Channel ID= CH06 2437MHz Edit Roaming Configuration= No...
Page 152: Configuring Roaming
ZyAIR G-5100 User’s Guide The following table describes the fields in this menu. Table 48 Menu 3.5.1 WLAN MAC Address Filter FIELD DESCRIPTION Active To enable MAC address filtering, press [SPACE BAR] to select Yes and press [ENTER]. Filter Action Define the filter action for the list of MAC addresses in the MAC address filter table.
Page 153: Figure 80 Menu 3.5 Wireless Lan Setup
ZyAIR G-5100 User’s Guide Figure 80 Menu 3.5 Wireless LAN Setup Menu 3.5 - Wireless LAN Setup Operating Mode= Access Point Name (SSID)= ZyXEL Hide Name (SSID)= No Edit MAC Address Filter= No Channel ID= CH06 2437MHz Edit Roaming Configuration= No...
Page 154: Configuring Bridge Link
ZyAIR G-5100 User’s Guide Figure 81 Menu 3.5.2 - Roaming Configuration Menu 3.5.2 - Roaming Configuration Active= No Port #= N/A The following table describes the fields in this menu. Table 49 Menu 3.5.2 - Roaming Configuration FIELD DESCRIPTION Active Press [SPACE BAR] to select Yes from the drop-down list box to enable roaming on the ZyAIR if you have two or more ZyAIRs on the same subnet.
Page 155: Figure 82 Menu 3.5 Wireless Lan Setup
ZyAIR G-5100 User’s Guide Figure 82 Menu 3.5 Wireless LAN Setup Menu 3.5 - Wireless LAN Setup Operating Mode= Bridge / Repeater Name (SSID)= N/A Hide Name (SSID)= N/A Edit MAC Address Filter= N/A Channel ID= CH06 2437MHz Edit Roaming Configuration= N/A...
Page 156: Figure 83 Menu 3.5.4 - Bridge Link Configuration
ZyAIR G-5100 User’s Guide Figure 83 Menu 3.5.4 - Bridge Link Configuration Menu 3.5.4 - Bridge Link Configuration Enable Link 1= No Peer MAC Address= 00:00:00:00:00:00 PSK= N/A Enable Link 2= No Peer MAC Address= 00:00:00:00:00:00 PSK= N/A Enable Link 3= No...
Page 157 ZyAIR G-5100 User’s Guide Chapter 14 LAN Setup...
Page 158: Chapter 15 Dial-In User Setup
ZyAIR G-5100 User’s Guide H A P T E R Dial-in User Setup This chapter shows you how to create user accounts on the ZyAIR. 15.1 Dial-in User Setup By storing user profiles locally, your ZyAIR is able to authenticate wireless users without interacting with a network RADIUS server.
Page 159: Figure 85 Menu 14.1- Edit Dial-In User
ZyAIR G-5100 User’s Guide Figure 85 Menu 14.1- Edit Dial-in User Menu 14.1 - Edit Dial-in User User Name= test Active= Yes Password= ******** Press ENTER to Confirm or ESC to Cancel: Leave name field blank to delete profile The following table describes the fields in this screen.
Page 160: Chapter 16 Snmp Configuration
ZyAIR G-5100 User’s Guide H A P T E R SNMP Configuration This chapter explains SNMP Configuration menu 22. 16.1 About SNMP Simple Network Management Protocol is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your ZyAIR supports SNMP agent functionality, which allows a manager station to manage and monitor the ZyAIR through the network.
Page 161: Supported Mibs
ZyAIR G-5100 User’s Guide The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include the number of packets received, node port status etc. A Management Information Base (MIB) is a collection of managed objects.
Page 162: Snmp Traps
ZyAIR G-5100 User’s Guide Figure 87 Menu 22 SNMP Configuration Menu 22 - SNMP Configuration SNMP: Get Community= public Set Community= public Trusted Host= 0.0.0.0 Trap: Community= public Destination= 0.0.0.0 Press ENTER to Confirm or ESC to Cancel: The following table describes the SNMP configuration parameters.
Page 163: Table 54 Ports And Interface Types
ZyAIR G-5100 User’s Guide Table 53 SNMP Traps (continued) TRAP # TRAP NAME DESCRIPTION authenticationFailure (defined in A trap is sent to the manager when receiving any SNMP RFC-1215) get or set requirements with wrong community (password). linkDown (defined in RFC-1215) A trap is sent when the port is down.
Page 164: Chapter 17 System Security
ZyAIR G-5100 User’s Guide H A P T E R System Security This chapter describes how to configure the system security on the ZyAIR. 17.1 System Security You can configure the system password, an external RADIUS server and 802.1x in this menu.
Page 165: Figure 89 Menu 23 System Security
ZyAIR G-5100 User’s Guide Figure 89 Menu 23 System Security Menu 23 - System Security 1. Change Password 2. RADIUS Server 4. IEEE802.1x Enter Menu Selection Number: From Menu 23- System Security, enter 2 to display Menu 23.2 – System Security –...
Page 166: 166
ZyAIR G-5100 User’s Guide Table 55 Menu 23.2 System Security: RADIUS Server (continued) FIELD DESCRIPTION Active Press [SPACE BAR] to select Yes and press [ENTER] to enable user authentication through an external accounting server. Server Address Enter the IP address of the external accounting server in dotted decimal notation.
Page 167: Figure 92 Menu 23.4 System Security: Ieee802.1X
ZyAIR G-5100 User’s Guide Figure 92 Menu 23.4 System Security: IEEE802.1x Menu 23.4 - System Security - IEEE802.1x Wireless Port Control= Authentication Required ReAuthentication Timer (in second)= 1800 Idle Timeout (in second)= 3600 Key Management Protocol= 802.1x Dynamic WEP Key Exchange= 128-bit WEP...
Page 168 ZyAIR G-5100 User’s Guide Table 56 Menu 23.4 System Security: IEEE802.1x (continued) FIELD DESCRIPTION Dynamic WEP Key This field is activated only when you select Authentication Required in the Exchange Wireless Port Control field. Also set the Authentication Databases field to RADIUS Only.
Page 169 ZyAIR G-5100 User’s Guide Once you enable user authentication, you need to specify an external RADIUS server or create local user accounts on the ZyAIR for authentication Chapter 17 System Security...
Page 170: System Information And Diagnosis
ZyAIR G-5100 User’s Guide H A P T E R System Information and Diagnosis This chapter covers the information and diagnostic tools in SMT menus 24.1 to 24.4. These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software.
Page 171: Figure 94 Menu 24.1 System Maintenance: Status
System Up Time This is the time the ZyAIR is up and running from the last reboot. ZyNOS F/W Version Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. ZyNOS is a registered trademark of ZyXEL Communications Corporation. Name This displays the device name.
Page 172: System Information
ZyAIR G-5100 User’s Guide 18.2 System Information To get to the System Information: 1 Enter 24 to display Menu 24 – System Maintenance. 2 Enter 2 to display Menu 24.2 – System Information and Console Port Speed. 3 From this menu you have two choices as shown in the next figure: Figure 95 Menu 24.2 System Information and Console Port Speed...
Page 173: Console Port Speed
Menu 1 – General Setup. Routing Refers to the routing protocol used. ZyNOS F/W Version Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. ZyNOS is a registered trademark of ZyXEL Communications Corporation. Country Code Refers to the country code of the firmware.
Page 174: Viewing Error Log
ZyAIR G-5100 User’s Guide 18.3.1 Viewing Error Log The first place you should look for clues when something goes wrong is the error log. Follow the procedures to view the local error/trace log: 1 Type 24 in the main menu to display Menu 24 – System Maintenance.
Page 175: Figure 100 Menu 24.4 System Maintenance: Diagnostic
ZyAIR G-5100 User’s Guide Figure 100 Menu 24.4 System Maintenance: Diagnostic Menu 24.4 - System Maintenance - Diagnostic TCP/IP 1. Ping Host 2. DHCP Release 3. DHCP Renewal System 11. Reboot System Enter Menu Selection Number: Host IP Address= N/A Follow the procedure next to get to display this menu: 1 From the main menu, type 24 to open Menu 24 –...
Page 176: Firmware And Configuration File Maintenance
The configuration file (often called the romfile or rom-0) contains the factory default settings in the menus such as password and TCP/IP Setup, etc. It arrives from ZyXEL with a rom filename extension. Once you have customized the ZyAIR's settings, they can be saved back to your computer under a filename of your choosing.
Page 177: Backup Configuration
ZyAIR G-5100 User’s Guide The following table is a summary. Please note that the internal filename refers to the filename on the ZyAIR and the external filename refers to the filename not on the ZyAIR, that is, on your computer, local network or FTP site and so the name (but not the extension) will vary.
Page 178: Using The Ftp Command From The Dos Prompt
ZyAIR G-5100 User’s Guide 19.2.2 Using the FTP command from the DOS Prompt 1 Launch the FTP client on your computer. 2 Enter “open” and the IP address of your ZyAIR. 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested. The default is 1234.
Page 179: Backup Configuration Using Tftp
ZyAIR G-5100 User’s Guide 19.2.3 Backup Configuration Using TFTP The ZyAIR supports the up/downloading of the firmware and the configuration file using TFTP (Trivial File Transfer Protocol) over LAN. Although TFTP should work over WAN as well, it is not recommended.
Page 180: Backup Via Console Port
ZyAIR G-5100 User’s Guide Table 62 General Commands for Third Party TFTP Clients (continued) COMMAND DESCRIPTION Local File Enter the path and name of the firmware file (*.bin extension) or configuration file (*.rom extension) on your computer. Remote File This is the filename on the ZyAIR. The filename for the firmware is “ras” and for the configuration file, is “rom-0”.
Page 181: Restore Configuration
ZyAIR G-5100 User’s Guide Figure 106 Successful Backup Confirmation Screen ** Backup Configuration completed. OK. ### Hit any key to continue.### 19.3 Restore Configuration Menu 24.6 –- System Maintenance – Restore Configuration allows you to restore the configuration via FTP or TFTP to your ZyAIR. The preferred method is FTP. Note that this function erases the current configuration before restoring the previous backup configuration;...
Page 182: Uploading Firmware And Configuration Files
ZyAIR G-5100 User’s Guide 19.4 Uploading Firmware and Configuration Files Menu 24.7 – System Maintenance – Upload Firmware allows you to upgrade the firmware and the configuration file. Note: WARNING! PLEASE WAIT A FEW MINUTES FOR THE ZYAIR TO RESTART AFTER FIRMWARE OR CONFIGURATION FILE UPLOAD.
Page 183: Configuration File Upload
ZyAIR G-5100 User’s Guide Figure 109 Menu 24.7.1 System Maintenance: Upload System Firmware Menu 24.7.1 - System Maintenance - Upload System Firmware To upload the system firmware, follow the procedure below: 1. Launch the FTP client on your workstation. 2. Type "open" and the IP address of your system. Then type "root" and SMT password as requested.
Page 184: Tftp File Upload
ZyAIR G-5100 User’s Guide 4 Enter your password as requested. The default is 1234. 5 Enter “bin” to set transfer mode to binary. 6 Use “put” to transfer files from the computer to the ZyAIR, e.g., put firmware.bin ras transfers the firmware on your computer (firmware.bin) to the ZyAIR and renames it “ras”.
Page 185: Example: Tftp Command
ZyAIR G-5100 User’s Guide 5 Use the TFTP client (see the example below) to transfer files between the ZyAIR and the computer. The file name for the firmware is “ras” and the configuration file is “rom-0” (rom-zero, not capital o).
Page 186: Example Xmodem Firmware Upload Using Hyperterminal
ZyAIR G-5100 User’s Guide Figure 112 Menu 24.7.1 as Seen Using the Console Port Menu 24.7.1 - System Maintenance - Upload System Firmware To upload system firmware: 1. Enter "y" at the prompt below to go into debug mode. 2. Enter "atur" after "Enter Debug Mode" message.
Page 187: Example Xmodem Configuration Upload Using Hyperterminal
ZyAIR G-5100 User’s Guide Figure 114 Menu 24.7.2 as Seen Using the Console Port Menu 24.7.2 - System Maintenance - Upload System Configuration File To upload system configuration file: 1. Enter "y" at the prompt below to go into debug mode.
Page 188: System Maintenance And Information
Enter the CI from the SMT by selecting menu 24.8. See the included disk or the zyxel.com web site for more detailed information on CI commands. Enter 8 from Menu 24 – System Maintenance. A list of valid commands can be found by typing help or ? at the command prompt.
Page 189: Time And Date Setting
Backup Configuration Restore Configuration Upload Firmware Command Interpreter Mode 10. Time and Date Setting Enter Menu Selection Number: Figure 117 Valid CI Commands Copyright (c) 1994 - 2004 ZyXEL Communications Corp. G-5100> ? Valid commands are: exit ether wlan bridge...
Page 190: Figure 118 Menu 24.10 System Maintenance: Time And Date Setting
ZyAIR G-5100 User’s Guide Figure 118 Menu 24.10 System Maintenance: Time and Date Setting Menu 24.10 - System Maintenance - Time and Date Setting Time Protocol= Manual Time Server Address= N/A Current Time: 00 : 57 : 07 New Time (hh:mm:ss):...
Page 191: Resetting The Time
ZyAIR G-5100 User’s Guide 20.2.1 Resetting the Time The ZyAIR resets the time in three instances: 1 On leaving menu 24.10 after making changes. 2 When the ZyAIR starts up, if there is a timeserver configured in menu 24.10. 3 24-hour intervals after starting.
Page 192: Chapter 21 Troubleshooting
ZyAIR G-5100 User’s Guide H A P T E R Troubleshooting This appendix covers potential problems and possible remedies. After each problem description, some instructions are provided to help you to diagnose and to solve the problem. 21.1 Problems Starting Up the ZyAIR...
Page 193: Problems With The Ethernet Interface
ZyAIR G-5100 User’s Guide 21.3 Problems with the Ethernet Interface Table 66 Troubleshooting the Ethernet Interface PROBLEM CORRECTIVE ACTION Cannot access If all of the LEDs on the inline power injector are on, check the Ethernet cable the ZyAIR from connection between your ZyAIR and the computer connected to the DATA IN port the LAN.
Page 194: Problems With The Wlan Interface
ZyAIR G-5100 User’s Guide 21.6 Problems with the WLAN Interface Table 69 Troubleshooting the WLAN Interface PROBLEM CORRECTIVE ACTION I cannot ping any Make sure the wireless adapter on the wireless station is working properly. computer on the Check that both the ZyAIR and wireless station(s) are using the same SSID, WLAN.
Page 195 ZyAIR G-5100 User’s Guide Chapter 21 Troubleshooting...
Page 196: Appendix A Specifications
ZyAIR G-5100 User’s Guide Appendix A Specifications General Table 70 Environmental Conditions TEMPERATURE RANGE IN DEGREES CELSIUS Operation +15 ~ +35 Normal ~ +35 Extreme ~ +70 Storage -30 to +80 HUMIDITY (non-condensing): 5% to 95% RH (typical) Table 71 Inspection Channel (CH1, CH7, CH13)
Page 197: Table 73 Radio Specifications
ZyAIR G-5100 User’s Guide Table 72 Hardware Specifications (continued) Compatibility Fully interoperable with IEEE802.11g and IEEE802.11b compliant products Power Supply (for Inline 100 ~ 240VAC 50/60Hz800mA at -48VDC (PoE) Power Injector) Radio Specifications Table 73 Radio Specifications FREQUENCY BAND 2.4 ~ 2.4835 (GHZ)
Page 198: Table 75 Transmitting System
ZyAIR G-5100 User’s Guide System Test Table 75 Transmitting System PARAMETER TEST CONDITION SPECIFICATION TEMP. DEG. C. Tx Power Modulation: DQPSKData FCC:19dBm ± 1dB19dBm ± 2dB 25-20 ~ +70 Rate: 11Mbps ETSI:14dBm ± 1dB14dBm ± 2dB 25-20 ~ +70 Spectrum Mask ±11MHz ~ 22MHz±22MHz...
Page 199: Figure 119 Inspection Cosmetic And Function
ZyAIR G-5100 User’s Guide Figure 119 Inspection Cosmetic and Function TEST ITEM TEST CONDITION CRITERIA High Temp. +70 Deg. C No Damage In Temperature Cosmetics or Error In Storage 24 hours Operation Function Test Operation mode in the chamber Spec.
Page 200 ZyAIR G-5100 User’s Guide Table 78 Approvals North America FCC Part 15 Class B European Union (CE mark) EN55022 Class BEN61000-3- 2EN61000-3-3 European Union (CE mark) EN61000-4-2 ELECTROSTATIC DISCHARGE EN61000-4-3 RADIO-FREQUENCY ELECTROMAGNETIC FIELD EN61000-4-4 EFT/BURST EN61000-4-5 SURGE EN61000-4-6 CONDUCTED SUSCEPTIBILITY...
Page 201 ZyAIR G-5100 User’s Guide Appendix A Specifications...
Page 202: Packaging Specifications
ZyAIR G-5100 User’s Guide Appendix B Packaging Specifications Table 79 Packaging Specifications ACCESSORIES SPECIFICATION/DESCRIPTION QUANTITY Inline Power Injector (PoE) Input 100 ~ 240VAC 50/60HzOutput 800mA at -48VDC Wall-plug AC Power Cord (1.8m) RS232 Console Cable MIL-C-5015 STP (2.0m) Uplink Ethernet Cable MIL-C-5015 UTP (1.8m)
Page 203 ZyAIR G-5100 User’s Guide Appendix B Packaging Specifications...
Page 204: Power Over Ethernet Specifications
ZyAIR G-5100 User’s Guide Appendix C Power over Ethernet Specifications You can use a power over Ethernet injector to power this device. The injector must comply to IEEE 802.3af.-7 Table 80 Power over Ethernet Injector Specifications Power Output 15.4 Watts maximum...
Page 205 ZyAIR G-5100 User’s Guide Appendix C Power over Ethernet Specifications...
Page 206: Setting Up Your Computer's Ip Address
ZyAIR G-5100 User’s Guide Appendix D Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer.
Page 207: Figure 120 Windows 95/98/Me: Network: Configuration
ZyAIR G-5100 User’s Guide Figure 120 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add.
Page 208: Figure 121 Windows 95/98/Me: Tcp/Ip Properties: Ip Address
ZyAIR G-5100 User’s Guide 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click 5 Restart your computer so the changes you made take effect. Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab.
Page 209: Figure 122 Windows 95/98/Me: Tcp/Ip Properties: Dns Configuration
ZyAIR G-5100 User’s Guide Figure 122 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add.
Page 210: Figure 123 Windows Xp: Start Menu
ZyAIR G-5100 User’s Guide Figure 123 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 124 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Page 211: Figure 125 Windows Xp: Control Panel: Network Connections: Properties
ZyAIR G-5100 User’s Guide Figure 125 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 126 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
Page 212: Figure 127 Windows Xp: Internet Protocol (Tcp/Ip) Properties
ZyAIR G-5100 User’s Guide • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. • Click Advanced. Figure 127 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK.
Page 213: Figure 128 Windows Xp: Advanced Tcp/Ip Properties
ZyAIR G-5100 User’s Guide Figure 128 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
Page 214: Figure 129 Windows Xp: Internet Protocol (Tcp/Ip) Properties
ZyAIR G-5100 User’s Guide Figure 129 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT).
Page 215: Figure 130 Macintosh Os 8/9: Apple Menu
ZyAIR G-5100 User’s Guide Figure 130 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 131 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. Appendix D Setting up Your Computer’s IP Address...
Page 216: Figure 132 Macintosh Os X: Apple Menu
ZyAIR G-5100 User’s Guide 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. •...
Page 217: Figure 133 Macintosh Os X: Network
ZyAIR G-5100 User’s Guide Figure 133 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box.
Page 218: Appendix Eip Subnetting
ZyAIR G-5100 User’s Guide Appendix E IP Subnetting IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1.
Page 219: Table 83 Allowed Ip Address Range By Class
ZyAIR G-5100 User’s Guide Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B”...
Page 220: Table 85 Alternative Subnet Mask Notation
ZyAIR G-5100 User’s Guide Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a “/”...
Page 221: Table 87 Subnet 1
ZyAIR G-5100 User’s Guide Divide the network 192.168.1.0 into two separate subnets by converting one of the host ID bits of the IP address to a network number bit. The “borrowed” host ID bit can be either “0” or “1”...
Page 222: Table 89 Subnet 1
ZyAIR G-5100 User’s Guide Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00, 01, 10 and 11. The subnet mask is 26 bits (11111111.11111111.11111111.11000000) or 255.255.255.192.
Page 223: Table 92 Subnet 4
ZyAIR G-5100 User’s Guide Table 92 Subnet 4 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 11000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.193 192.168.1.192 Broadcast Address: Highest Host ID: 192.168.1.254 192.168.1.255...
Page 224: Table 95 Class B Subnet Planning
ZyAIR G-5100 User’s Guide Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID.
Page 225 ZyAIR G-5100 User’s Guide Appendix E IP Subnetting...
Page 226: Wireless Lan And Ieee 802.11
ZyAIR G-5100 User’s Guide Appendix F Wireless LAN and IEEE 802.11 A wireless LAN (WLAN) provides a flexible data communications system that you can use to access various services (navigating the Internet, email, printer services, etc.) without the use of a cabled connection.
Page 227: Figure 134 Peer-To-Peer Communication In An Ad-Hoc Network
ZyAIR G-5100 User’s Guide Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless nodes or stations (STA), which is called a Basic Service Set (BSS). In the most basic form, a wireless LAN connects a set of computers with wireless adapters. Any...
Page 228: Figure 135 Ess Provides Campus-Wide Coverage
ZyAIR G-5100 User’s Guide Figure 135 ESS Provides Campus-Wide Coverage Appendix F Wireless LAN and IEEE 802.11...
Page 229 ZyAIR G-5100 User’s Guide Appendix F Wireless LAN and IEEE 802.11...
Page 230: Wireless Lan With Ieee 802.1X
ZyAIR G-5100 User’s Guide Appendix G Wireless LAN With IEEE 802.1x As wireless networks become popular for both portable computing and corporate networks, security is now a priority. Security Flaws with IEEE 802.11 Wireless networks based on the original IEEE 802.11 have a poor reputation for safety. The IEEE 802.11b wireless access standard, first published in 1999, was based on the MAC...
Page 231: Figure 136 Sequences For Eap Md5-Challenge Authentication
ZyAIR G-5100 User’s Guide RADIUS Server Authentication Sequence The following figure depicts a typical wireless network with a remote RADIUS server for user authentication using EAPOL (EAP Over LAN). Figure 136 Sequences for EAP MD5–Challenge Authentication Appendix G Wireless LAN With IEEE 802.1x...
Page 232: Types Of Eap Authentication
ZyAIR G-5100 User’s Guide Appendix H Types of EAP Authentication This appendix discusses the five popular EAP authentication types: EAP-MD5, EAP-TLS, EAP-TTLS, PEAP and LEAP. The type of authentication you use depends on the RADIUS server or the AP. Consult your network administrator for more information.
Page 233: Table 96 Comparison Of Eap Authentication Types
ZyAIR G-5100 User’s Guide PEAP (Protected EAP) Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication.
Page 234: Appendix I Outdoor Site Planning
ZyAIR G-5100 User’s Guide Appendix I Outdoor Site Planning This appendix provides information on site planning requirements for the installation of your outdoor wireless device. Introduction The installation of a wireless network requires some additional planning over a wired network.
Page 235 ZyAIR G-5100 User’s Guide Weather It is important to research any unusual weather conditions that are common to the site location. These conditions include extreme • Rainfall • Fog • Wind • Temperature Ranges. If extreme conditions exist that may affect the integrity of the radio link, the effects of these conditions should be considered early in the planning process.
Page 236: Lightning Protection
ZyAIR G-5100 User’s Guide Temperature Ranges Temperature can adversely affect the radio link when phenomena such as temperature inversion or very still air accompanied by stratification occur See the section on Fog for further detail. Lightning The potential for lightning damage to radio equipment should always be considered when planning a wireless link.
Page 237: Antenna Characteristics
ZyAIR G-5100 User’s Guide Antenna placement and polarization, is the most effective method of reducing this type of interference. Antennas Antennas play a key role in reducing the potential for interference. They come in a variety of configurations that have different performance characteristics in the areas of gain and direction.
Page 238: Antenna Polarization
ZyAIR G-5100 User’s Guide • Omni-directional antennas send the RF signal out in all directions on a horizontal plane. The coverage area is torus-shaped (like a donut) which makes these antennas ideal for a room environment. With a wide coverage area, it is possible to make circular overlapping coverage areas with multiple access points.
Page 239 ZyAIR G-5100 User’s Guide • Availability represents the quality of a link. It is the ratio of the time that the link is available to the total time. This serves as a guide to the service that you can expect, on average, over a period of one year.
Page 240: Outdoor Installation Recommendations
ZyAIR G-5100 User’s Guide Appendix J Outdoor Installation Recommendations This appendix provides information on site requirements for the installation of your outdoor wireless device See the Quick Start Guide for more information on site installation. Mounting An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air.
Page 241: Antenna Alignment
ZyAIR G-5100 User’s Guide Direct grounding of the antenna mast and outdoor wireless device. The outdoor wireless device should be connected to the same grounding system as the antenna mast and the AC wall outlet. The grounding system must comply with the National Electrical Code and safety standards that apply in your country.
Page 242 ZyAIR G-5100 User’s Guide For omni-directional antennas mounted on a table, desk, and so on, point the antenna up. For omni-directional antennas mounted on a wall or ceiling, point the antenna down. For a single AP application, place omni-directional antennas as close to the center of the coverage area as possible.
Page 243 ZyAIR G-5100 User’s Guide Appendix J Outdoor Installation Recommendations...
Page 244: Appendix K Command Interpreter
Enter 8 to go to Menu 24.8 - Command Interpreter Mode. See the included disk or zyxel.com for more detailed information on these commands. Note: Use of undocumented commands or misconfiguration can damage the unit and possibly render it unusable.
Page 245 ZyAIR G-5100 User’s Guide Appendix K Command Interpreter...
Page 246: Brute-Force Password Guessing Protection
ZyAIR G-5100 User’s Guide Appendix L Brute-Force Password Guessing Protection The following describes the commands for enabling, disabling and configuring the brute-force password guessing protection mechanism for the password. See Appendix K on page 244 information on the command structure.
Page 247 ZyAIR G-5100 User’s Guide Appendix L Brute-Force Password Guessing Protection...
Page 248: Appendix M Log Descriptions
ZyAIR G-5100 User’s Guide Appendix M Log Descriptions This appendix provides descriptions of example log messages. Table 98 System Maintenance Logs LOG MESSAGE DESCRIPTION The router has adjusted its time based on information from the time server. Time calibration is successful The router failed to get information from the time server.
Page 249: Table 100 Sys Log
ZyAIR G-5100 User’s Guide Table 99 ICMP Notes (continued) TYPE CODE DESCRIPTION Redirect datagrams for the Host Redirect datagrams for the Type of Service and Network Redirect datagrams for the Type of Service and Host Echo Echo message Time Exceeded...
Page 250: Table 101 Log Categories And Available Settings
ZyAIR G-5100 User’s Guide Use sys logs category followed by a log category and a parameter to decide what to record Table 101 Log Categories and Available Settings LOG CATEGORIES AVAILABLE PARAMETERS error 0, 1, 2, 3 mten 0, 1...
Page 251 ZyAIR G-5100 User’s Guide Appendix M Log Descriptions...
Page 252: Index
ZyAIR G-5100 User’s Guide Index Default DHCP Diagnostic Address Assignment 43, 94 Diagnostic Tools Ad-hoc Direct Sequence Spread Spectrum Alternative Subnet Mask Notation Distribution System 55, 227 Antenna Directional DSSS Omni-directional Dynamic Preamble Mode Applications Dynamic WEP Key Exchange Authentication...
Page 253 ZyAIR G-5100 User’s Guide General Specifications Max. Frame Burst MSDU Hidden Menus Host Network Management Host IDs How STP Works HyperTerminal program Open System IBSS 54, 227 IEEE 802.1x Independent Basic Service Set 54, 130, 227 Packets Initial Screen Password...
Page 254 ZyAIR G-5100 User’s Guide RF signals Roaming Requirements TCP/IP Root bridge Terminal Emulation RTS Threshold 56, 148 TFTP File Transfer RTS/CTS Time and Date Setting RTS/CTS handshake Time Setting Time Zone Trace Records Troubleshooting Accessing ZyAIR 193, 194 Ethernet Port...
Page 255 ZyAIR G-5100 User’s Guide ZyNOS ZyNOS F/W Version ZyXEL Limited Warranty Note Index...

ZyXEL Communications ZYAIR G-5100 User Manual

Chapter 1 Getting to Know Your Zyair

Chapter 2 Introducing the Web Configurator

Chapter 3 Wizard Setup

Chapter 4 System Screens

Chapter 5 Wireless Configuration and Roaming

Chapter 6 Wireless Security

Chapter 7 IP Screen

Chapter 8 Authentication Server

Chapter 9 Certificates

Chapter 10 Log Screens

Chapter 11 Maintenance

Chapter 12 Introducing the SMT

Chapter 13 General Setup

Chapter 14 LAN Setup

Chapter 15 Dial-In User Setup

Chapter 16 SNMP Configuration

Chapter 17 System Security

Quick Links

Troubleshooting

Related Manuals for ZyXEL Communications ZYAIR G-5100

Summary of Contents for ZyXEL Communications ZYAIR G-5100