User Guide Wireless LAN Access Points 8200/8500/8700 3CRWE820096A 3CRWE850075A 3CRWE870075A Version 2 http://www.3com.com/ http://support.3com.com/registration/frontpg.pl/ Published May, 2003 Version 2.1.3...
Page 2
file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy, please contact 3Com and a copy will be provided to you.
Contents Introduction Product Features Security Performance and Reliability Manageability Wireless Network Standards Far-Reaching 802.11b High-Performance 802.11a Network Configuration and Planning Ad Hoc Wireless LAN Infrastructure Wireless LAN Infrastructure Wireless LAN for Roaming Wireless PCs Terminology Installing the Access Point Installation Requirements Power Requirements Safety Information Deciding Where to Place Equipment...
Page 4
System Configuration Using the 3Com Wireless Device Manager Launching a Wireless Device Configuration Using the Pre-IP Configuration Wizard Configuration Login Setting the Country Code Basic Setup Advanced Setup Identification TCP/IP Settings DHCP Client Secure Web Server Connection RADIUS Authentication Filter Control...
NTRODUCTION The 3Com® Wireless LAN Access Points 8200, 8500, and 8700 offer a dual-mode architecture that supports both 802.11a and 802.11b wireless users on a single device. This means you can mix and match radio bands to meet different coverage and bandwidth needs within the same area. Different access point models give you the flexibility to choose to support both radio modes...
100 meters (328 feet). ECURITY 3Com offers one of the most robust suite of standards-based security on the market today. To protect sensitive data broadcast over the wireless LAN, 3Com supports Wireless Equivalent Privacy (WEP) RC4 40/ 64-bit, 128-bit and 152-bit shared-key encryption.
With Power over Ethernet (PoE) support, the same Category 5 cable that connects your access point to the data network also provides its power. A single cable installation dramatically improves your choice of mounting configurations because you no longer need to consider AC power outlet locations. PoE support makes it easier than ever to overcome installation problems with difficult-to-wire or hard-to-reach locations.
The higher spectrum provides about 50 meters (164 feet) of coverage—about half what 802.11b offers. Consider 802.11a when you need high throughput in a confined space and you are: Running high-bandwidth applications like voice, video, or multimedia over a wireless network that can benefit from a fivefold increase in data throughput Transferring large files like computer aided design files, preprint publishing documents or graphics files, such as MRI scans for medical applications, that demand additional bandwidth...
Ad Hoc Wireless LAN Notebook with Wireless USB Adapter Notebook with Wireless PC Card PC with Wireless PCI Adapter NFRASTRUCTURE IRELESS The access point can also provide access to a wired LAN for wireless workstations. An integrated wired/wireless LAN is called an infrastructure configuration. A Basic Service Set (BSS) consists of a group of wireless PC users, and an access point that is directly connected to the wired LAN.
NFRASTRUCTURE IRELESS OAMING IRELESS The Basic Service Set (BSS) is the communications domain for each access point. For wireless PCs that do not need to support roaming, set the domain identifier (SSID) for the wireless card to the SSID of the access point to which you want to connect.
Page 12
applications, each cell or micro-cell has its own base station; each base station in turn is interconnected with other cells’ bases. BSS—Basic Service Set. It is an access point and all the LAN PCs that are associated with it. CSMA/CA—Carrier Sense Multiple Access with Collision Avoidance. EAP—Extensible Authentication Protocol, which provides a generalized framework for several different authentication methods.
The cable must be long enough to reach the power supply or the power-over-Ethernet LAN port. If you use the 3Com power supply, you need an additional Ethernet cable to connect the access point to the LAN. To access and use the Web configuration management system, you need a computer that is running Internet Explorer 5.0 or newer and one of the...
See “Using the Power Supply” on page 18 and “Using a Power-Over-Ethernet LAN Port” on page 19. Note for use of the 3Com power supply (part number 61-0107-000) in Norway: This product is also designed for use on an IT power system with phase-to-phase voltage of 230 V.
CAUTION: The 3Com power supply (part number 61-0107-000) input relies on a 16A rated building fuse or circuit protector for short circuit protection of the line to neutral conductors. CAUTION: It is the responsibility of the installer to ensure that the Power-over-Ethernet (POE) power supply is properly connected.
EFORE EGIN Record the access point MAC address in a safe place before the access point is installed in a hard-to-reach location. The MAC address is printed on the back of the access point housing. The following illustration shows the front and rear views of the access point, including the LEDs and connecting ports.
5 straight (8-wire) Ethernet cable. There are two ways to supply power to the access point: Use the 3Com Integrated Power-over-Ethernet power supply. In this case, you need to supply a second Ethernet cable to connect to the wired LAN.
If you supply your own Ethernet cable for connecting power, be sure that it is standard category 5 straight-through (8-wire) cable that has not been altered in any way. Use of nonstandard cable could damage the access point. "To Access Point" "To Hub/Switch"...
If your LAN equipment complies with the IEEE 802.3af power-over-Ethernet standard, you can connect the access point directly to a LAN port. For example, the illustration above right shows a connection through a 3Com Ethernet Power ® Supply to a 3Com SuperStack Switch.
Page 20
plate should be placed perpendicular to the floor, with the arrow pointed up, as indicated on the mounting plate, with the smooth side against the wall. Install the mounting plate as shown in the following illustration, on either a stud (or other hard wall surface), or onto drywall. If installing into a stud or other If installing into drywall, use 3 plastic anchors and 3 screws.
Position the access point at an angle to the mounting plate bayonet connection and turn the unit clockwise until it snaps into place, as shown below. Leave at least 13 cm (5 in.) length. Hold the access point at an angle. Turn Ethernet cable may be routed through clockwise to engage and secure it on center opening or through the side.
If you require a different type of antenna for the Access Point 8200, several options are available by model number from the 3Com Web site (www.3Com.com). (Access Point 8500 does not support interchangeable antennas.)
To install a tool from the CD: Power up the computer and put the 3Com CD in the CD-ROM drive. The setup menu should appear when the CD autostarts. If no menu appears, you can run the setup.exe startup program from the Windows Start menu.
EVICE ANAGER After the 3Com Wireless Device Manager is installed, ensure that the device to be configured is either wired to the network, associating with the wireless network, or connected directly to the computer, and connected to power. If more than one...
Page 25
Next. The 3Com Web Configuration Management System main screen appears in your Web browser. The following table describes the functions of the buttons in the 3Com Wireless Infrastructure Device Manager window. Button...
-IP C SING THE ONFIGURATION IZARD You can only configure devices that are on the same subnet as your computer. To configure a device on a different subnet, you must first assign it an IP address on the same subnet as your computer. After you launch the configuration, you can change settings as usual.
ASIC ETUP For a basic configuration, use the Setup Wizard as described below. At any time, you can click Home to return to the Home page of the configuration interface. If you want to configure more advanced features, click Advanced Setup in the Home page.
Primary DNS Address and Secondary DNS Address—The Domain Name Servers (DNS) map numerical IP addresses to the equivalent domain name (for example, www.3Com.com). Your internet service provider should provide the IP address of one or more domain name servers. Enter those addresses in Primary DNS Address and Secondary DNS Address fields.
protocol is used, and data is protected during the configuration session. When it is turned off, the HTTP protocol is used, and data could be intercepted during the configuration session. Changing this option causes the device to reset, which disrupts the network association temporarily, but does not affect device configuration settings that have already been saved.
UTHENTICATION The Authentication page allows you to configure the type of upper-layer authentication the access point uses for wireless clients. Access is checked against the authentication database stored on the access point. This level of authentication occurs before any 802.1x authentication configured on the Security page.
Field Default Description Session Key Refresh Rate Defines how long the RADIUS server will (minutes) dynamically re-assign a session key to a connected client station. 802.1x Reauthentication Defines how long the RADIUS server will Refresh Rate (seconds) dynamically reassign session keys to connected client stations.
VLAN ILTERING BY The access point supports filtering of up to 64 VLANs (virtual local area networks). The VLAN IDs must be configured for each client on one of the servers specified on the RADIUS configuration page. When VLAN filtering is enabled, the access point queries the server for the VLAN IDs of associating clients and saves the VLAN IDs.
SNMP Use the SNMP page to display and enter a community string for the Simple Network Management Protocol. To communicate with the access point, the SNMP agent must first be enabled and the Network Management Station must submit a valid community string for authentication. Select SNMP Enable and enter data into the fields as described below.
Local—Click Browse to locate the downloaded firmware file. Click Start Upgrade to start the upgrade process. The upgrade takes place through the HTTP protocol from the local machine. Remote—Select FTP or TFTP. Enter the firmware file name, the host IP address where the file is stored, the user name, and the password.
setting is disabled, date and time settings revert to the defaults after an access point is reset, affecting the accuracy of log reports. To avoid this situation, enable the SNTP server setting and allow the access point to obtain the date and time from an SNTP server.
Page 36
In normal mode the channel bandwidth is 20 MHz. In Turbo Mode the channel bandwidth is increased to 40 MHz. However, only a limited number of channels are available when Turbo Mode is enabled. Turbo Mode is not regulated in the IEEE 802.11a standard, and it is not allowed in some countries.
“Configuring Encryption” on page 38. 128-Bit Dynamic Security Link—This option can only be used with other 3Com Wireless LAN devices. It is the highest level of security, requiring a user name and password to access the wireless LAN. The user name and password set up on the access point must match those set up on the clients.
If you check the Require Windows user authentication check box, clients will be required to enter a user name and password every time they associate with the network. If you leave this box unchecked, the system will authenticate clients based on the access control list and the saved passwords on the clients.
Select the Key Type. Hexadecimal (0~9, A~F; for example, D7 0A 9C 7F E5) Alphanumeric (0~9, A~F; for example 01234) 3Com Passphrase (a string, described below) Enter the keys in their fields. 64-bit—Each key contains 10 hexadecimal digits or 5 alphanumeric...
3Com Passphrase—This encryption string is for use only with other 3Com Wireless LAN devices. It is a case-sensitive string between 6 and 30 characters long. To enter the string, click 3Com Passphrase. Then type any combination of letters and numbers in the Key 1 field and click Apply.
Page 41
Windows XP Wireless Zero Configuration Access Points 8200/8500/8700 Authentication Encryption Authentication Encryption Other Not available TKIP Open System Enable WPA Configuration: Required Multicast Cipher Mode: TKIP WPA Key Management: WPA 802.1x Open System Enable WPA Configuration: Required Multicast Cipher Mode: WPA Key Management: WPA 802.1x WPA-PSK...
ROUBLESHOOTING If you have difficulty with the 3Com Wireless LAN access point, first check the following items in the configuration: Radio Settings page: Ensure that the SSID is the same on clients and the access point. Security page: Ensure that Encryption is the same on clients and the access point.
Page 43
After you specify an IP In the 3Com Device Manager window click the Refresh address for an access point, button to refresh the Wireless Network Tree. Then click the 3Com Device Manager...
Page 44
1 Close your browser. 2 Return to the 3Com Device Manager Wireless Network Tree and click Refresh. 3 Select the access point and click Configure to start a new configuration session.
NLINE ECHNICAL ERVICES 3Com offers worldwide product support 24 hours a day, 7 days a week, through the following online systems: World Wide Web Site To access the latest networking information on the 3Com Corporation World Wide Web site enter this URL into your Internet browser: http://www.3com.com/...
Page 46
3Com. UPPORT FROM If you are unable to obtain assistance from the 3Com online technical resources or from your network supplier, 3Com offers technical telephone support services. To find out more about your support options, call the 3Com technical telephone support phone number at the location nearest you.
Page 47
RODUCTS FOR EPAIR Before you send a product directly to 3Com for repair, you must first obtain an authorization number. Products sent to 3Com without authorization numbers will be returned to the sender unopened, at the sender’s expense. To obtain an...
Page 48
Country Contact Information Paraguay 525 201 0004 Peru 511 241 1691 Uruguay 525 201 0004 Venezuela 525 201 0004 From the following countries, you may call the toll-free numbers; select option 2 and then option 2: U.S.A. and Canada 1 800 876 3266...
Page 49
1 meter. This product does not contain any user serviceable components. Any unauthorized product changes or modifications will invalidate 3Com’s warranty and all applicable regulatory certifications and approvals. This product must be installed by a professional technician/installer.
Page 50
Industry Canada Notice (Applicable to Use Within Canada) This device complies with Canadian RSS-210. To prevent radio interference to the licensed service, this device is intended to be operated indoors and away from windows to provide maximum shielding. Equipment (or its transmit antenna) that is installed outdoors is subject to licensing.
Page 51
European Community—CE Notice (802.11b Radio) Marking by the symbol: indicates compliance with the essential requirements of Directive 73/23/EC and the essential requirements of articles 3.1(b), 3.2 and 3.3 of Directive 1999/5/EC. Such marking is indicative that this equipment meets or exceeds the following technical standards: EN 300 328-2—Electromagnetic compatibility and Radio spectrum Matters (ERM);...