1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Wireless Access Point
  5. NWA-1100
  6. User manual

ZyXEL Communications NWA-1100 User Manual

802.11b/g wireless access point
Hide thumbs Also See for NWA-1100:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Manual
NWA-1100
802.11b/g Wireless Access Point
Default Login Details
IP Address
http://192.168.1.2
Password
Firmware Version 3.6
Edition 2, 2/2009
www.zyxel.com
www.zyxel.com
1234
Copyright © 2009
ZyXEL Communications Corporation

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications NWA-1100

Summary of Contents for ZyXEL Communications NWA-1100

  • Page 1 NWA-1100 802.11b/g Wireless Access Point Default Login Details IP Address http://192.168.1.2 Password 1234 Firmware Version 3.6 Edition 2, 2/2009 www.zyxel.com www.zyxel.com Copyright © 2009 ZyXEL Communications Corporation...

  • Page 3: About This User's Guide

    Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead. Thank you! The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan.
  • Page 4 About This User's Guide Customer Support In the event of problems that cannot be solved by using this manual, you should contact your vendor. If you cannot contact your vendor, then contact a ZyXEL office for the region in which you bought the device. See http://www.zyxel.com/ web/contact_us.php for contact information.

  • Page 5: Document Conventions

    Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
  • Page 6 Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is not an exact representation of your device. ZyXEL Device Computer Notebook computer Server Printer Firewall Ethernet Switch Switch Router ZyXEL NWA-1100 User’s Guide...

  • Page 7: Safety Warnings

    Safety Warnings Safety Warnings • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store things on the device. •...
  • Page 8 Safety Warnings ZyXEL NWA-1100 User’s Guide...

  • Page 9: Table Of Contents

    Contents Overview Contents Overview Introduction ..........................17 Introducing the ZyXEL Device ....................19 Introducing the Web Configurator ....................29 Status Screens .......................... 33 Tutorial ............................37 The Web Configurator ......................45 System Screens ........................47 Wireless Settings Screen ......................55 Wireless Security Screen ......................
  • Page 10 Contents Overview ZyXEL NWA-1100 User’s Guide...

  • Page 11: Table Of Contents

    Table of Contents Table of Contents About This User's Guide ......................3 Document Conventions......................5 Safety Warnings........................7 Contents Overview ........................9 Table of Contents........................11 Part I: Introduction................. 17 Chapter 1 Introducing the ZyXEL Device ....................19 1.1 Introducing the ZyXEL Device ..................... 19 1.2 Applications for the ZyXEL Device ..................
  • Page 12 Table of Contents 3.1.1 System Statistics Screen .................... 35 Chapter 4 Tutorial ............................. 37 4.1 How to Configure the Wireless LAN ..................37 4.1.1 Choosing the Wireless Mode ..................37 4.1.2 Wireless LAN Configuration Overview ............... 37 4.1.3 Further Reading ......................38 4.2 ZyXEL Device Setup in Wireless Client Mode ..............
  • Page 13 Table of Contents 6.5.2.2 STP Terminology ................69 6.5.2.3 How STP Works ................69 6.5.2.4 STP Port States ................70 6.5.3 Additional Wireless Terms ..................70 Chapter 7 Wireless Security Screen ....................... 73 7.1 Overview ..........................73 7.2 What You Can Do in the Wireless Security Screen ............. 73 7.3 What You Need To Know About Wireless Security ..............
  • Page 14 Table of Contents 10.3 What You Need to Know About IP ..................98 10.4 IP Screen ........................... 98 10.5 Technical Reference ......................99 10.5.1 WAN IP Address Assignment ................... 99 Chapter 11 Remote Management......................101 11.1 Overview .......................... 101 11.2 What You Can Do in the Remote Management Screens ..........102 11.3 What You Need To Know About Remote Management ...........
  • Page 15 Table of Contents Chapter 14 Maintenance .......................... 123 14.1 Overview .......................... 123 14.2 What You Can Do in the Maintenance Screens .............. 123 14.3 What You Need To Know About the Maintenance Screens ..........123 14.4 Association List Screen ....................124 14.5 Channel Usage Screen ....................
  • Page 16 Table of Contents ZyXEL NWA-1100 User’s Guide...

  • Page 17: Introduction

    Introduction Introducing the ZyXEL Device (19) Status Screens (33) Introducing the Web Configurator (29) Tutorial (37)

  • Page 19: Introducing The Zyxel Device

    H A P T E R Introducing the ZyXEL Device This chapter introduces the main applications and features of the ZyXEL Device. It also discusses the ways you can manage your ZyXEL Device. 1.1 Introducing the ZyXEL Device Your ZyXEL Device extends the range of your existing wired network without additional wiring, providing easy network access to mobile users.

  • Page 20: Access Point

    Chapter 1 Introducing the ZyXEL Device 1.2.1 Access Point The ZyXEL Device is an ideal access solution for wireless Internet connection. A typical Internet access application for your ZyXEL Device is shown as follows. Stations A, B and C can access the wired network through the ZyXEL Devices. Figure 1 Access Point Application BSS1 BSS2...

  • Page 21: Wireless Client

    Chapter 1 Introducing the ZyXEL Device 1.2.2 Wireless Client The ZyXEL Device can be used as a wireless client to communicate with an existing network. In the figure below, the printer can receive requests from the wired computer clients A and B via the ZyXEL Device in Wireless Client mode. Figure 2 Wireless Client Application 1.2.3 Bridge The ZyXEL Device can act as a wireless network bridge and establish wireless links...
  • Page 22 Chapter 1 Introducing the ZyXEL Device At the time of writing, WDS security is compatible with other ZyXEL NWA-series access points only. Refer to your other access point’s documentation for details. Figure 3 Bridge Application In the example below, when both ZyXEL Devices are in Bridge mode, they form a WDS (Wireless Distribution System) allowing the computers in LAN 1 to connect to the computers in LAN 2.
  • Page 23 Chapter 1 Introducing the ZyXEL Device Be careful to avoid bridge loops when you enable bridging in the ZyXEL Device. Bridge loops cause broadcast traffic to circle the network endlessly, resulting in possible throughput degradation and disruption of communications. The following examples show two network topologies that can lead to this problem: •...

  • Page 24: Ap + Bridge

    Chapter 1 Introducing the ZyXEL Device To prevent bridge loops, ensure that you enable STP in the Wireless screen or your ZyXEL Device is not set to bridge mode while connected to both wired and wireless segments of the same LAN. 1.2.4 AP + Bridge In AP+Bridge mode, the ZyXEL Device supports both AP and bridge connection at the same time.

  • Page 25: Ways To Manage The Zyxel Device

    Chapter 1 Introducing the ZyXEL Device 1.3 Ways to Manage the ZyXEL Device Use any of the following methods to manage the ZyXEL Device. • Web Configurator. This is recommended for everyday management of the ZyXEL Device using a (supported) web browser. •...

  • Page 26: Wireless Security

    Chapter 1 Introducing the ZyXEL Device 1.4.2 Wireless Security Wireless devices are especially vulnerable to attack. If your ZyXEL Device has a wireless function, take the following measures to improve wireless security. • Enable wireless security on your ZyXEL Device. Choose the most secure encryption method that all devices on your network support.

  • Page 27: Leds

    Chapter 1 Introducing the ZyXEL Device 1.7 LEDs Figure 8 LEDs Table 1 LEDs LABEL COLOR STATUS DESCRIPTION Green The ZyXEL Device is in AP + Bridge or Bridge mode, and has successfully established a Wireless Distribution System (WDS) connection. Amber Flashing The ZyXEL Device is starting up.
  • Page 28 Chapter 1 Introducing the ZyXEL Device Table 1 LEDs (continued) LABEL COLOR STATUS DESCRIPTION The wireless adaptor WLAN is not active. ETHERNET Green The ZyXEL Device has a 10 Mbps Ethernet connection. Blinking The ZyXEL Device has a 10 Mbps Ethernet connection and is sending or receiving data.

  • Page 29: Introducing The Web Configurator

    H A P T E R Introducing the Web Configurator This chapter describes how to access the ZyXEL Device’s web configurator and provides an overview of its screens. 2.1 Accessing the Web Configurator Make sure your hardware is properly connected and prepare your computer or computer network to connect to the ZyXEL Device (refer to the Quick Start Guide).

  • Page 30: Resetting The Zyxel Device

    Chapter 2 Introducing the Web Configurator Note: If you do not change the password, the following screen appears every time you login. Figure 9 Change Password Screen You should now see the Status screen. See Chapter 2 on page 29 for details about the Status screen.
  • Page 31 Chapter 2 Introducing the Web Configurator Check the status bar at the bottom of the screen when you click Apply or OK to verify that the configuration has been updated. Figure 10 Status Screen of the Web Configurator • Click the links on the left of the screen to configure advanced features such as SYSTEM (General, Password and Time), WIRELESS (Wireless Settings, Security, RADIUS, MAC Filter), IP, REMOTE MGNT (Telnet, FTP, WWW and SNMP), CERTIFICATES, and LOGS (View Log and Log Settings).
  • Page 32 Chapter 2 Introducing the Web Configurator ZyXEL NWA-1100 User’s Guide...

  • Page 33: Status Screens

    H A P T E R Status Screens The Status screens display when you log into the ZyXEL Device, or click Status in the navigation menu. Use the Status screens to look at the current status of the device, system resources, and interfaces.
  • Page 34 Chapter 3 Status Screens The following table describes the labels in this screen. Table 2 The Status Screen LABEL DESCRIPTION Refresh Interval Enter how often you want the ZyXEL Device to update this screen. Refresh Now Click this to update this screen immediately. System Information Device Name This field displays the ZyXEL Device system name.

  • Page 35: System Statistics Screen

    Chapter 3 Status Screens Table 2 The Status Screen LABEL DESCRIPTION Interface Status Interface This column displays each interface of the ZyXEL Device. Status This field indicates whether or not the ZyXEL Device is using the interface. For each interface, this field displays Up when the ZyXEL Device is using the interface and Down when the ZyXEL Device is not using the interface.
  • Page 36 Chapter 3 Status Screens The following table describes the labels in this screen. Table 3 System Status: Show Statistics LABEL DESCRIPTION Description 802.11 Mode This field shows which mode (802.11b Only, 802.11g Only, 802.11b+g) the ZyXEL Device is using. Channel ID Click this to see which wireless channels are currently in use in the local area.

  • Page 37: Tutorial

    H A P T E R Tutorial This chapter first provides an overview of how to configure the wireless LAN on your ZyXEL Device, and then gives step-by-step guidelines showing how to configure your ZyXEL Device for some example scenarios. 4.1 How to Configure the Wireless LAN This section illustrates how to choose which wireless operating mode to use on the ZyXEL Device and how to set up the wireless LAN in each wireless mode.

  • Page 38: Further Reading

    Chapter 4 Tutorial information on setting up your ZyXEL Device and accessing the Web Configurator). Figure 13 Configuring Wireless LAN Select the WLAN Adaptor you want to configure. Select Operating Mode. AP + Bridge Bridge Wireless Client Access Point Mode. Mode.

  • Page 39: Zyxel Device Setup In Wireless Client Mode

    Chapter 4 Tutorial 4.2 ZyXEL Device Setup in Wireless Client Mode This example shows you how to restrict wireless access to your ZyXEL Device. 4.2.1 Scenario In the figure below, there are two ZyXEL Devices (A and B) in the network. A is in Access Point (AP) mode while B is in Wireless Client mode.
  • Page 40 Chapter 4 Tutorial Open the Web Configurator and go to the Wireless > Wireless Settings screen. Figure 15 Access Point Mode Wireless Setttings Set the Operation Mode to AP. Enter an SSID name, such as “NWA-1100 A”. Choose the channel you want the ZyXEL Device to use. Select the Wireless Mode.

  • Page 41: Configuring The Zyxel Device In Wireless Client Mode

    Chapter 4 Tutorial 4.2.3 Configuring the ZyXEL Device in Wireless Client Mode Your ZyXEL Device should have a wired connection before it can be set to wireless client operating mode. Connect your ZyXEL Device to the FTP server. Open the Web Configurator ZyXEL Device and go to the Wireless >...
  • Page 42 Chapter 4 Tutorial Set the Wireless Mode to the same one set for the access point. Click Apply. Figure 17 Wireless Client Mode Wireless Settings Figure 18 Site Survey ZyXEL NWA-1100 User’s Guide...
  • Page 43 Chapter 4 Tutorial Figure 19 Wireless Client Mode Go to Wireless > Security to configure the ZyXEL Device to use WPA-PSK security mode. Figure 20 Wireless Client Mode Security Setttings One way to ensure that only specified wireless clients can access the FTP server is by enabling MAC filtering on the ZyXEL Device.

  • Page 44: Testing The Connection And Troubleshooting

    Chapter 4 Tutorial Still in the Web Configurator, go to Wireless > MAC Filter. Click on Active then highlight Allow the following MAC Address to associate. Enter the MAC Addresses of the wireless clients (W, Y and Z) you want to associate with the ZyXEL Device.

  • Page 45: The Web Configurator

    The Web Configurator System Screens (47) Wireless Settings Screen (55) Wireless Security Screen (73) RADIUS Screen (89) MAC Filter Screen (93) IP Screen (97) Remote Management (101) Certificate Screen (111) Log Screens (115) Maintenance (123) Troubleshooting (131)

  • Page 47: System Screens

    H A P T E R System Screens 5.1 Overview This chapter provides information and instructions on how to identify and manage your ZyXEL Device over the network. Figure 22 ZyXEL Device Setup In the figure above, the ZyXEL Device connects to a Domain Name Server (DNS) server to avail of a domain name.

  • Page 48: What You Need To Know About The System Screens

    Chapter 5 System Screens 5.3 What You Need To Know About the System Screens IP Address Assignment Every computer on the Internet must have a unique IP address. If your networks are isolated from the Internet, for instance, only between your two branch offices, you can assign any IP addresses to the hosts without problems.

  • Page 49: General Screen

    Chapter 5 System Screens numbers specify the network number while the last number identifies an individual computer on that network. Once you have decided on the network number, pick an IP address that is easy to remember, for instance, 192.168.1.2, for your device, but make sure that no other device on your network is using that IP address.

  • Page 50: Password Screen

    Chapter 5 System Screens Table 5 System: General LABEL DESCRIPTION Administrator Type how many minutes a management session (via web Inactivity Timer configurator) can be left idle before the session times out. The default is 5 minutes. After it times out you have to log in with your password again.

  • Page 51: Time Screen

    Chapter 5 System Screens Table 6 System: Password LABEL DESCRIPTIONS Retype to Confirm Retype your new system password for confirmation. Apply Click Apply to save your changes. Reset Click Reset to reload the previous configuration for this screen. 5.5 Time Screen Use this screen to change your ZyXEL Device’s time and date, click System >...
  • Page 52 Chapter 5 System Screens Table 7 System: Time LABEL DESCRIPTION Enable NTP client Select this to have the ZyXEL Device use the predefined list of update Network Time Protocol (NTP) servers. Random Select this to have the ZyXEL Device select which NTP server to use.

  • Page 53: Technical Reference

    Chapter 5 System Screens 5.6 Technical Reference This section provides some technical information about the topics covered in this chapter. 5.6.1 Pre-defined NTP Time Servers List When you turn on the ZyXEL Device for the first time, the date and time start at 2000-01-01 00:00:00.
  • Page 54 Chapter 5 System Screens ZyXEL NWA-1100 User’s Guide...

  • Page 55: Wireless Settings Screen

    H A P T E R Wireless Settings Screen 6.1 Overview This chapter discusses the steps to configure the Wireless Settings screen on the ZyXEL Device. It also introduces the wireless LAN (WLAN) and some basic scenarios. Figure 26 Wireless Mode In the figure above, the ZyXEL Device allows access to another bridge device (A) and a notebook computer (B) upon verifying their settings and credentials.

  • Page 56: What You Can Do In The Wireless Settings Screen

    Chapter 6 Wireless Settings Screen 6.2 What You Can Do in the Wireless Settings Screen Use the Wireless > Wireless Settings screen (see Section 6.4 on page 57) to configure the ZyXEL Device to operate in AP (Access Point), Wireless Client, Bridge or AP + Bridge.

  • Page 57: Wireless Settings Screen

    Chapter 6 Wireless Settings Screen SSID The SSID (Service Set IDentifier) identifies the Service Set with which a wireless station is associated. Wireless stations associating to the access point (AP) must have the same SSID. Normally, the ZyXEL Device acts like a beacon and regularly broadcasts the SSID in the area.

  • Page 58: Access Point Mode

    Chapter 6 Wireless Settings Screen 6.4.1 Access Point Mode Use this screen to use your ZyXEL Device as an access point. Select AP as the Operation Mode. The following screen displays. Figure 27 Wireless: Access Point The following table describes the general wireless LAN labels in this screen. Table 9 Wireless: Access Point LABEL DESCRIPTION...
  • Page 59 Chapter 6 Wireless Settings Screen Table 9 Wireless: Access Point LABEL DESCRIPTION SSID The SSID (Service Set IDentifier) identifies the Service Set with which a wireless station is associated. Wireless stations associating to the access point (AP) must have the same SSID. Select an SSID Profile from the drop-down list box.
  • Page 60 Chapter 6 Wireless Settings Screen Table 9 Wireless: Access Point LABEL DESCRIPTION DTIM Interval Delivery Traffic Indication Message (DTIM) is the time period after which broadcast and multicast packets are transmitted to mobile clients in the Power Saving mode. A high DTIM value can cause clients to lose connectivity with the network.

  • Page 61: Wireless Client Mode

    Chapter 6 Wireless Settings Screen Table 9 Wireless: Access Point LABEL DESCRIPTION Enable (R)STP detects and breaks network loops and provides backup links Spanning Tree between switches, bridges or routers. It allows a bridge to interact with Control (STP) other (R)STP -compliant bridges in your network to ensure that only one path exists between any two stations on the network.
  • Page 62 Chapter 6 Wireless Settings Screen The following table describes the general wireless LAN labels in this screen. Table 10 Wireless: Wireless Client LABEL DESCRIPTION Basic Settings Operation Select Wireless Client from the drop-down list. Click Apply to make the Mode Site Survey button appear next to the SSID field.

  • Page 63: Bridge Mode

    Chapter 6 Wireless Settings Screen Table 10 Wireless: Wireless Client LABEL DESCRIPTION RTS/CTS (Request To Send) The threshold (number of bytes) for enabling RTS/ Threshold CTS handshake. Data with its frame size larger than this value will perform the RTS/CTS handshake. Setting this attribute to be larger than the maximum MSDU (MAC service data unit) size turns off the RTS/CTS handshake.
  • Page 64 Chapter 6 Wireless Settings Screen Use this screen to use the ZyXEL Device as a wireless bridge. Select Bridge as the Operation Mode. Figure 29 Wireless: Bridge The following table describes the bridge labels in this screen. Table 11 Wireless: Bridge LABEL DESCRIPTIONS Basic Settings...
  • Page 65 Chapter 6 Wireless Settings Screen Table 11 Wireless: Bridge LABEL DESCRIPTIONS Channel Set the operating frequency/channel depending on your particular region. To manually set the ZyXEL Device to use a channel, select a channel from the drop-down list box. Click MAINTENANCE and then the Channel Usage tab to open the Channel Usage screen to make sure the channel is not already used by another AP or independent peer-to-peer wireless network.
  • Page 66 Chapter 6 Wireless Settings Screen Table 11 Wireless: Bridge LABEL DESCRIPTIONS Fragmentation The threshold (number of bytes) for the fragmentation boundary for directed messages. It is the maximum data fragment size that can be sent. Enter an even number between 256 and 2346. Rates This section controls the data rates permitted for clients.

  • Page 67: Ap + Bridge Mode

    Chapter 6 Wireless Settings Screen 6.4.4 AP + Bridge Mode Use this screen to have the ZyXEL Device function as a bridge and access point simultaneously. Select AP + Bridge as the Operation Mode. The following screen diplays. Figure 30 Wireless: AP+Bridge See the tables describing the fields in the Access Point and Bridge operating modes for descriptions of the fields in this screen.

  • Page 68: Technical Reference

    Chapter 6 Wireless Settings Screen 6.5 Technical Reference This section provides technical background information about the topics covered in this chapter. Refer to Appendix E on page 157 for further readings on Wireless LAN. 6.5.1 WMM QoS WMM (Wi-Fi MultiMedia) QoS (Quality of Service) ensures quality of service in wireless networks.

  • Page 69: Stp Terminology

    Chapter 6 Wireless Settings Screen 6.5.2.2 STP Terminology The root bridge is the base of the spanning tree; it is the bridge with the lowest identifier value (MAC address). Path cost is the cost of transmitting a frame onto a LAN through that port. It is assigned according to the speed of the link to which a port is attached.

  • Page 70: Stp Port States

    Chapter 6 Wireless Settings Screen 6.5.2.4 STP Port States STP assigns five port states (see next table) to eliminate packet looping. A bridge port is not allowed to go directly from blocking state to forwarding state so as to eliminate transient loops. Table 13 STP Port States PORT DESCRIPTIONS...
  • Page 71 Chapter 6 Wireless Settings Screen TERM DESCRIPTION Roaming If you have two or more ZyXEL Devices (or other wireless access points) on your wireless network, you can enable this option so that wireless devices can change locations without having to log in again.
  • Page 72 Chapter 6 Wireless Settings Screen ZyXEL NWA-1100 User’s Guide...

  • Page 73: Wireless Security Screen

    H A P T E R Wireless Security Screen 7.1 Overview This chapter describes how to use the Wireless Security screen. This screen allows you to configure the security mode for your ZyXEL Device. Wireless security is vital to your network. It protects communications between wireless stations, access points and the wired network.

  • Page 74: What You Need To Know About Wireless Security

    Chapter 7 Wireless Security Screen 7.3 What You Need To Know About Wireless Security User Authentication Authentication is the process of verifying whether a wireless device is allowed to use the wireless network. You can make every user log in to the wireless network before they can use it.
  • Page 75 Chapter 7 Wireless Security Screen • 802.1x-Static64. This provides 802.1x-Only authentication with a static 64bit WEP key and an authentication server. • 802.1x-Static128. This provides 802.1x-Only authentication with a static 128bit WEP key and an authentication server. • WPA. Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. •...

  • Page 76: The Security Screen

    Chapter 7 Wireless Security Screen Authentication Protocol (PEAP), Lightweight Extensible Authentication Protocol (LEAP) and Tunneled Transport Layer Security (TTLS). The authentication protocol may either be Microsoft Challenge Handshake Authentication Protocol Version 2 (MSCHAPv2) or Generic Token Card (GTC). Further information on these terms can be found in Appendix E on page 157.

  • Page 77: Security: Wep

    Chapter 7 Wireless Security Screen 7.4.1 Security: WEP Use this screen to use WEP as the security mode for your ZyXEL Device. Select WEP in the Security Mode field to display the following screen. Figure 33 Security: WEP The following table describes the labels in this screen. Table 16 Security: WEP LABEL DESCRIPTION...

  • Page 78: Security: 802.1X Only

    Chapter 7 Wireless Security Screen Table 16 Security: WEP LABEL DESCRIPTION Key 1 to The WEP keys are used to encrypt data. Both the ZyXEL Device and the wireless stations must use the same WEP key for data transmission. Key 4 If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F").
  • Page 79 Chapter 7 Wireless Security Screen The following table describes the labels in this screen. Table 17 Security: 802.1x Only for Access Point LABEL DESCRIPTION Security Settings Security Mode Choose 802.1x Only in this field. Rekey Options ReAuthenticatio Specify how often wireless stations have to resend user names and n Time passwords in order to stay connected.

  • Page 80: Wireless Client

    Chapter 7 Wireless Security Screen 7.4.2.2 Wireless Client Use this screen to use 802.1x-Only security mode for your ZyXEL Device that is in Wireless Client operating mode. Select 802.1x-Only in the Security Mode field to display the following screen. Figure 35 Security: 802.1x Only for Wireless Client The following table describes the labels in this screen.

  • Page 81: Security: 802.1X Static 64-Bit, 802.1X Static 128-Bit

    Chapter 7 Wireless Security Screen 7.4.3 Security: 802.1x Static 64-bit, 802.1x Static 128-bit Use this screen to use 802.1x Static 64 or 802.1x Static 128 security mode for your ZyXEL Device. Select 802.1x Static 64 or 802.1x Static 128 in the Security Mode field to display the following screen.

  • Page 82: Security: Wpa

    Chapter 7 Wireless Security Screen Table 19 Security: 802.1x Static 64-bit, 802.1x Static 128-bit LABEL DESCRIPTION Key 1 to Key 4 If you chose 802.1x Static 64, then enter any 5 characters (ASCII string) or 10 hexadecimal characters ("0-9", "A-F") preceded by 0x for each key.

  • Page 83: Access Point

    Chapter 7 Wireless Security Screen 7.4.4.1 Access Point Use this screen to employ WPA as the security mode for your ZyXEL Device that is in Access Point operating mode. Select WPA in the Security Mode field to display the following screen. Figure 37 Security: WPA for Access Point The following table describes the labels in this screen.

  • Page 84: Wireless Client

    Chapter 7 Wireless Security Screen 7.4.4.2 Wireless Client Use this screen to employ WPA as the security mode for your ZyXEL Device that is in Wireless Client operating mode. Select WPA in the Security Mode field to display the following screen. Figure 38 Security: WPA for Wireless Client The following table describes the labels in this screen.

  • Page 85: Access Point

    Chapter 7 Wireless Security Screen 7.4.5.1 Access Point Use this screen to use WAP2 or WPA2-MIX as the security mode for your ZyXEL Device that is in Access Point operating mode. Select WPA2 or WPA2-MIX in the Security Mode field to display the following screen. Figure 39 Security:WPA2 or WPA2-MIX for Access Point The following table describes the labels not previously discussed Table 22 Security: WPA2 or WPA2-MIX for Access Point...

  • Page 86: Wireless Client

    Chapter 7 Wireless Security Screen 7.4.5.2 Wireless Client Use this screen to employ WPA2 or WPA2-MIX as the security mode of your ZyXEL Device that is in Wireless Client operating mode. Select WPA2 or WPA2-MIX in the Security Mode field to display the following screen. Figure 40 Security: WPA2 or WPA2-MIX for Wireless Client The following table describes the labels in this screen.

  • Page 87: Security: Wpa-Psk, Wpa2-Psk, Wpa2-Psk-Mix

    Chapter 7 Wireless Security Screen 7.4.6 Security: WPA-PSK, WPA2-PSK, WPA2-PSK-MIX Use this screen to employ WPA-PSK, WPA2-PSK or WPA2-PSK-MIX as the security mode of your ZyXEL Device. Select WPA-PSK, WPA2-PSK or WPA2-PSK-MIX in the Security Mode field to display the following screen. Figure 41 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX The following table describes the labels not previously discussed Table 24 Security: WPA-PSK, WPA2-PSK or WPA2-PSK-MIX...
  • Page 88 Chapter 7 Wireless Security Screen • If you don’t have WPA(2)-aware wireless clients, then use WEP key encrypting. A higher bit key offers better security. You can manually enter 64-bit, 128-bit or 152-bit WEP keys. More information on Wireless Security can be found in Appendix E on page 157.

  • Page 89: Radius Screen

    H A P T E R RADIUS Screen 8.1 Overview This chapter describes how you can use the Wireless > RADIUS screen. Remote Authentication Dial In User Service (RADIUS) is a protocol that can be used to manage user access to large networks. It is based on a client-server model that supports authentication, authorization and accounting.

  • Page 90: What You Need To Know About Radius

    Chapter 8 RADIUS Screen 8.3 What You Need to Know About RADIUS The RADIUS server handles the following tasks: • Authentication which determines the identity of the users. • Authorization which determines the network services available to authenticated users once they are connected to the network. •...
  • Page 91 Chapter 8 RADIUS Screen The following table describes the labels in this screen. Table 25 Wireless > RADIUS LABEL DESCRIPTION Primary Configure the fields below to set up user authentication and accounting. Backup If the ZyXEL Device cannot communicate with the Primary accounting server, you can have the ZyXEL Device use a Backup RADIUS server.
  • Page 92 Chapter 8 RADIUS Screen ZyXEL NWA-1100 User’s Guide...

  • Page 93: Mac Filter Screen

    H A P T E R MAC Filter Screen 9.1 Overview This chapter discusses how you can use the Wireless > MAC Filter screen. The MAC filter function allows you to configure the ZyXEL Device to grant access to the ZyxEL Device from other wireless devices (Allow Association) or exclude devices from accessing the ZyXEL Device (Deny Association).

  • Page 94: What You Need To Know About Mac Filter

    Chapter 9 MAC Filter Screen 9.3 What You Need To Know About MAC Filter Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
  • Page 95 Chapter 9 MAC Filter Screen The following table describes the labels in this screen. Table 26 Wireless > MAC Filter LABEL DESCRIPTION Active Click this to enable this feature. Allow the Define the filter action for the list of MAC addresses in the MAC following MAC address filter table.
  • Page 96 Chapter 9 MAC Filter Screen ZyXEL NWA-1100 User’s Guide...

  • Page 97: Ip Screen

    H A P T E R IP Screen 10.1 Overview This chapter describes how you can configure the IP address of your ZyXEL Device. The Internet Protocol (IP) address identifies a device on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.

  • Page 98: What You Need To Know About Ip

    Chapter 10 IP Screen 10.3 What You Need to Know About IP The Ethernet parameters of the ZyXEL Device are preset in the factory with the following values: IP address of 192.168.1.2 Subnet mask of 255.255.255.0 (24 bits) 10.4 IP Screen Use this screen to configure the IP address for your ZyXEL Device.

  • Page 99: Technical Reference

    Chapter 10 IP Screen Table 27 IP Setup LABEL DESCRIPTION Subnet Mask Type the subnet mask. Gateway IP Address Type the IP address of the gateway. The gateway is an immediate neighbor of your ZyXEL Device that will forward the packet to the destination.
  • Page 100 Chapter 10 IP Screen ZyXEL NWA-1100 User’s Guide...

  • Page 101: Remote Management

    H A P T E R Remote Management 11.1 Overview This chapter shows you how to enable remote management of your ZyXEL Device. It provides information on determining which services or protocols can access which of the ZyXEL Device’s interfaces. Remote Management allows a user to administrate the device over the network.

  • Page 102: What You Can Do In The Remote Management Screens

    Chapter 11 Remote Management 11.2 What You Can Do in the Remote Management Screens • Use the Telnet screen (see Section 11.4 on page 104) to configure through which interface(s) and from which IP address(es) you can use Telnet to manage the ZyXEL Device.
  • Page 103 Chapter 11 Remote Management Your ZyXEL Device supports SNMP agent functionality, which allows a manager station to manage and monitor the ZyXEL Device through the network. The ZyXEL Device supports SNMP version one (SNMPv1) and version two (SNMPv2c). The next figure illustrates an SNMP management operation. . Note: SNMP is only available if TCP/IP is configured.

  • Page 104: The Telnet Screen

    Chapter 11 Remote Management • You may only have one remote management session running at one time. The ZyXEL Device automatically disconnects a remote management session of lower priority when another remote management session of higher priority starts. The priorities for the different types of remote management sessions are as follows: Telnet HTTP System Timeout...

  • Page 105: The Ftp Screen

    Chapter 11 Remote Management Table 29 Remote Management: Telnet LABEL DESCRIPTION Secured A secured client is a “trusted” computer that is allowed to communicate Client IP with the ZyXEL Device using this service. Address Select All to allow any computer to access the ZyXEL Device using this service.

  • Page 106: The Www Screen

    Chapter 11 Remote Management Table 30 Remote Management: FTP LABEL DESCRIPTION Secured Client A secured client is a “trusted” computer that is allowed to communicate IP Address with the ZyXEL Device using this service. Select All to allow any computer to access the ZyXEL Device using this service.

  • Page 107: The Snmp Screen

    Chapter 11 Remote Management Table 31 Remote Management: WWW LABEL DESCRIPTION Server Access Select the interface(s) through which a computer may access the ZyXEL Device using this service. Secured Client A secured client is a “trusted” computer that is allowed to communicate IP Address with the ZyXEL Device using this service.

  • Page 108: Technical Reference

    Chapter 11 Remote Management The following table describes the labels in this screen. Table 32 Remote Management: SNMP LABEL DESCRIPTION SNMP Configuration Get Community Enter the Get Community, which is the password for the incoming Get and GetNext requests from the management station. The default is public and allows all requests.

  • Page 109: Mib

    Chapter 11 Remote Management 11.8.1 MIB Managed devices in an SMNP managed network contain object variables or managed objects that define each piece of information to be collected about a device. Examples of variables include such as number of packets received, node port status etc.
  • Page 110 Chapter 11 Remote Management Table 33 SNMP Traps OBJECT IDENTIFIER # TRAP NAME DESCRIPTION (OID) authenticationFailure 1.3.6.1.6.3.1.1.5.5 The device sends this trap when it (defined in RFC-1215) receives any SNMP get or set requirements with the wrong community (password). Note: snmpEnableAuthenTraps, OID 1.3.6.1.2.1.11.30 (defined in RFC 1214 and RFC 1907) must be enabled on in order for the device to send...

  • Page 111: Certificate Screen

    H A P T E R Certificate Screen 12.1 Overview This chapter describes how your ZyXEL Device can use certificates as a means of authenticating wireless clients. It gives background information about public-key certificates and explains how to use them. A certificate contains the certificate owner’s identity and public key.

  • Page 112: Certificate Screen

    Chapter 12 Certificate Screen certificate into the ZyXEL Device, you should verify that you have the correct certificate. Key distribution is simple and very secure since you can freely distribute public keys and you never need to transmit private keys. 12.4 Certificate Screen Use this screen to view, delete and import certificates.

  • Page 113: Technical Reference

    Chapter 12 Certificate Screen 12.5 Technical Reference This section provides technical background information about the topics covered in this chapter. 12.5.1 Private-Public Certificates When using public-key cryptology for authentication, each host has two keys. One key is public and can be made openly available. The other key is private and must be kept secure.

  • Page 114: Checking The Fingerprint Of A Certificate On Your Computer

    Chapter 12 Certificate Screen 12.5.3 Checking the Fingerprint of a Certificate on Your Computer A certificate’s fingerprints are message digests calculated using the MD5 or SHA1 algorithms. The following procedure describes how to check a certificate’s fingerprint to verify that you have the actual certificate. Browse to where you have the certificate saved on your computer.

  • Page 115: Log Screens

    H A P T E R Log Screens 13.1 Overview This chapter provides information on viewing and generating logs on your ZyXEL Device. Logs are files that contain recorded network activity over a set period. They are used by administrators to monitor the health of the system(s) they are managing. Logs enable administrators to effectively monitor events, errors, progress, etc.

  • Page 116: What You Can Do In The Log Screens

    Chapter 13 Log Screens 13.2 What You Can Do in the Log Screens • Use the View Log screen (Section 13.4 on page 116) to display all logs or logs You can view logs and alert messages in this page. for a certain category.

  • Page 117: Log Settings Screen

    Chapter 13 Log Screens Click a column heading to sort the entries. A triangle indicates the direction of the sort order. Figure 59 View Log The following table describes the labels in this screen. Table 36 View Log LABEL DESCRIPTION Time This field displays the time the log was recorded.
  • Page 118 Chapter 13 Log Screens To change your ZyXEL Device’s log settings, click LOGS > Log Settings. The screen appears as shown. Figure 60 Log Settings The following table describes the labels in this screen. Table 37 Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e-...
  • Page 119 Chapter 13 Log Screens Table 37 Log Settings LABEL DESCRIPTION Syslog Logging Syslog logging sends a log to an external syslog server used to store logs. Active Click Active to enable syslog logging. Syslog IP Enter the IP address of the syslog server that will log the selected Address categories of logs.

  • Page 120: Technical Reference

    Chapter 13 Log Screens 13.6 Technical Reference This section provides some technical background information about the topics covered in this chapter. 13.6.1 Example Log Messages The following tables provide descriptions of some example log messages that the ZyXEL Device generates. Table 38 System Maintenance Logs LOG MESSAGE DESCRIPTION...

  • Page 121: Log Commands

    Chapter 13 Log Screens 13.7 Log Commands Go to the command interpreter interface (refer to Appendix I on page 199 for the Command Interpreter appendix explains how to access and use the commands). 13.7.1 Configuring What You Want the ZyXEL Device to Log Use the sys logs load command to load the log setting buffer that allows you to configure which logs the ZyXEL Device is to record.
  • Page 122 Chapter 13 Log Screens KEYWORD DESCRIPTION SMPTP auth enable when e-mail log Email SmtpAuthEnable E-mail user name Email User E-mail password Email Password E-mail schedule mode Email Schedule E-mail schedule day Email Day E-mail schedule hour Email Hour E-mail schedule minute Email Minute Clear log after e-mail Email Clear...

  • Page 123: Maintenance

    H A P T E R Maintenance 14.1 Overview This chapter describes the maintenance screens. It discusses how you can view the association list and channel usage, upload new firmware, manage configuration and restart your ZyXEL Device without turning it off and on. 14.2 What You Can Do in the Maintenance Screens •...

  • Page 124: Association List Screen

    Chapter 14 Maintenance 14.4 Association List Screen Use this screen to view the wireless stations that are currently associated with the ZyXEL Device. Click Maintenance > Association List. The following screen displays. Figure 61 Association List The following table describes the labels in this screen. Table 41 Association List LABEL DESCRIPTION...
  • Page 125 Chapter 14 Maintenance Wait a moment while the ZyXEL Device compiles the information. Figure 62 Channel Usage The following table describes the labels in this screen. Table 42 Channel Usage LABEL DESCRIPTION SSID This is the Service Set IDentification name of the AP in an Infrastructure wireless network or wireless station in an Ad-Hoc wireless network.

  • Page 126: F/W Upload Screen

    Chapter 14 Maintenance 14.6 F/W Upload Screen Use this screen to upload a firmware to your ZyXEL Device. Click Maintenance > F/W Upload. Follow the instructions in this section to upload firmware to your ZyXEL Device. Figure 63 Firmware Upload The following table describes the labels in this screen.

  • Page 127: Configuration Screen

    Chapter 14 Maintenance The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 65 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the System Status screen.

  • Page 128: Backup Configuration

    Chapter 14 Maintenance Click Maintenance > Configuration. The screen appears as shown next. Figure 67 Configuration 14.7.1 Backup Configuration Backup configuration allows you to back up (save) the ZyXEL Device’s current configuration to a file on your computer. Once your ZyXEL Device is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes.
  • Page 129 Chapter 14 Maintenance Table 44 Restore Configuration LABEL DESCRIPTION Browse... Click Browse... to find the file you want to upload. Remember that you must decompress compressed (.ZIP) files before you can upload them. Upload Click Upload to begin the upload process. Do not turn off the ZyXEL Device while configuration file upload is in progress.

  • Page 130: Back To Factory Defaults

    Chapter 14 Maintenance If the upload was not successful, the following screen will appear. Click Return to go back to the Configuration screen. Figure 70 Configuration Upload Error 14.7.3 Back to Factory Defaults Pressing the Reset button in this section clears all user-entered configuration information and returns the ZyXEL Device to its factory defaults as shown on the screen.

  • Page 131: Troubleshooting

    H A P T E R Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • ZyXEL Device Access and Login • Internet Access 15.1 Power, Hardware Connections, and LEDs The ZyXEL Device does not turn on.

  • Page 132: Zyxel Device Access And Login

    Chapter 15 Troubleshooting Inspect your cables for damage. Contact the vendor to replace any damaged cables. Disconnect and re-connect the power adaptor to the ZyXEL Device. If the problem continues, contact the vendor. 15.2 ZyXEL Device Access and Login I forgot the IP address for the ZyXEL Device. The default IP address is 192.168.1.2.
  • Page 133 Chapter 15 Troubleshooting • If you changed the IP address and have forgotten it, see the troubleshooting suggestions for I forgot the IP address for the ZyXEL Device. Check the hardware connections, and make sure the LEDs are behaving as expected.

  • Page 134: Internet Access

    Chapter 15 Troubleshooting I cannot use FTP to upload new firmware. See the troubleshooting suggestions for I cannot see or access the Login screen in the web configurator. Ignore the suggestions about your browser. 15.3 Internet Access I cannot access the Internet. Check the hardware connections, and make sure the LEDs are behaving as expected.
  • Page 135 Chapter 15 Troubleshooting There might be a lot of traffic on the network. Look at the LEDs, and check Section 1.7 on page 27. If the ZyXEL Device is sending or receiving a lot of information, try closing some programs that use the Internet, especially peer-to-peer applications.
  • Page 136 Chapter 15 Troubleshooting ZyXEL NWA-1100 User’s Guide...

  • Page 137: Appendices And Index

    Appendices and Index Product Specifications (139) Power over Ethernet (PoE) Specifications (141) Power Adaptor Specifications (143) Setting up Your Computer’s IP Address (145) Wireless LANs (157) Pop-up Windows, JavaScripts and Java Permissions (173) IP Addresses and Subnetting (181) Text File Based Auto Configuration (191) How to Access and Use the CLI (199) Open Software Announcements (203) Legal Information (215)

  • Page 139: Appendix A Product Specifications

    P P E N D I X Product Specifications The following tables summarize the ZyXEL Device’s hardware and firmware features. Table 45 Hardware Specifications Power Specification 12 V DC, 1 A Reset button Returns all settings to their factory defaults. Ethernet Port •...
  • Page 140 Appendix A Product Specifications Table 46 Firmware Specifications Certificates The ZyXEL Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. Certificates provide a way to exchange public keys for use in authentication. SSL Passthrough SSL (Secure Sockets Layer) uses a public key to encrypt data that's transmitted over an SSL connection.

  • Page 141: Appendix B Power Over Ethernet (Poe) Specifications

    P P E N D I X Power over Ethernet (PoE) Specifications You can use a power over Ethernet injector to power this device. The injector must comply to IEEE 802.3af.-7 Table 47 Power over Ethernet Injector Specifications Power Output 15.4 Watts maximum Power Current 400 mA maximum...
  • Page 142 Appendix B Power over Ethernet (PoE) Specifications ZyXEL NWA-1100 User’s Guide...

  • Page 143: Appendix C Power Adaptor Specifications

    P P E N D I X Power Adaptor Specifications Table 49 North American Plug Standards AC Power Adaptor Model ADS6818-1812-W 1215 Input Power 100~240 Volts AC, 50~60 Hz, 0.5 A Output Power 12 Volts DC, 1.5A, 18W Power Consumption 6 W Max Safety Standards UL, CUL (UL60950 Third Edition, CSA C22.2...
  • Page 144 Appendix C Power Adaptor Specifications ZyXEL NWA-1100 User’s Guide...

  • Page 145: Appendix D Setting Up Your Computer's Ip Address

    P P E N D I X Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer.
  • Page 146 Appendix D Setting up Your Computer’s IP Address Windows 95/98/Me Click Start, Settings, Control Panel and double-click the Network icon to open the Network window Figure 73 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks.
  • Page 147 Appendix D Setting up Your Computer’s IP Address Select Microsoft from the list of manufacturers. Select TCP/IP from the list of network protocols and then click OK. If you need Client for Microsoft Networks: Click Add. Select Client and then click Add. Select Microsoft from the list of manufacturers.
  • Page 148 Appendix D Setting up Your Computer’s IP Address Click the DNS Configuration tab. • If you do not know your DNS information, select Disable DNS. • If you know your DNS information, select Enable DNS and type the information in the fields below (you may not need to fill them all in). Figure 75 Windows 95/98/Me: TCP/IP Properties: DNS Configuration Click the Gateway tab.
  • Page 149 Appendix D Setting up Your Computer’s IP Address Select your network adapter. You should see your computer's IP address, subnet mask and default gateway. Windows 2000/NT/XP For Windows XP, click start, Control Panel. In Windows 2000/NT, click Start, Settings, Control Panel. Figure 76 Windows XP: Start Menu For Windows XP, click Network Connections.
  • Page 150 Appendix D Setting up Your Computer’s IP Address Right-click Local Area Connection and then click Properties. Figure 78 Windows XP: Control Panel: Network Connections: Properties Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties. Figure 79 Windows XP: Local Area Connection Properties The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
  • Page 151 Appendix D Setting up Your Computer’s IP Address • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. Click Advanced. Figure 80 Windows XP: Advanced TCP/IP Settings If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK.
  • Page 152 Appendix D Setting up Your Computer’s IP Address • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
  • Page 153 Appendix D Setting up Your Computer’s IP Address Macintosh OS 8/9 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/ IP Control Panel. Figure 82 Macintosh OS 8/9: Apple Menu ZyXEL NWA-1100 User’s Guide...
  • Page 154 Appendix D Setting up Your Computer’s IP Address Select Ethernet built-in from the Connect via list. Figure 83 Macintosh OS 8/9: TCP/IP For dynamically assigned settings, select Using DHCP Server from the Configure: list. For statically assigned settings, do the following: •...

  • Page 155: Macintosh Os X

    Appendix D Setting up Your Computer’s IP Address Macintosh OS X Click the Apple menu, and click System Preferences to open the System Preferences window. Figure 84 Macintosh OS X: Apple Menu Click Network in the icon bar. • Select Automatic from the Location list. •...
  • Page 156 Appendix D Setting up Your Computer’s IP Address • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your ZyXEL Device in the Router address box. Click Apply Now and close the window.

  • Page 157: Appendix E Wireless Lans

    P P E N D I X Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an ad-hoc network or Independent Basic Service Set (IBSS).
  • Page 158 Appendix E Wireless LANs with each other. When Intra-BSS is disabled, wireless client A and B can still access the wired network but cannot communicate with each other. Figure 87 Basic Service Set An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network.
  • Page 159 Appendix E Wireless LANs An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless clients within the same ESS must have the same ESSID in order to communicate. Figure 88 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.11a/b/g wireless devices. Channels available depend on your geographical area.
  • Page 160 Appendix E Wireless LANs RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The following figure illustrates a hidden node. Both stations (STA) are within range of the access point (AP) or wireless gateway, but out-of-range of each other, so they cannot "hear"...

  • Page 161: Fragmentation Threshold

    Appendix E Wireless LANs network overhead involved in the RTS (Request To Send)/CTS (Clear to Send) handshake. If the RTS/CTS value is greater than the Fragmentation Threshold value (see next), then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size.

  • Page 162: Wireless Security Overview

    Appendix E Wireless LANs IEEE 802.11g Wireless LAN IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range. IEEE 802.11g has several intermediate rate steps between the maximum and minimum data rates.
  • Page 163 Appendix E Wireless LANs IEEE 802.1x In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features. It is supported by Windows XP and a number of network devices.

  • Page 164: Types Of Eap Authentication

    Appendix E Wireless LANs • Access-Challenge Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access-Request message. The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting: •...
  • Page 165 Appendix E Wireless LANs However, MD5 authentication has some weaknesses. Since the authentication server needs to get the plaintext passwords, the passwords must be stored. Thus someone other than the authentication server may access the password file. In addition, it is possible to impersonate an authentication server as MD5 authentication method does not perform mutual authentication.

  • Page 166: Dynamic Wep Key Exchange

    Appendix E Wireless LANs Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed. If this feature is enabled, it is not necessary to configure a default encryption key in the Wireless screen.
  • Page 167 Appendix E Wireless LANs If the AP or the wireless clients do not support WPA2, just use WPA or WPA-PSK depending on whether you have an external RADIUS server or not. Select WEP only when the AP and/or wireless clients do not support WPA or WPA2. WEP is less secure than WPA or WPA2.
  • Page 168 Appendix E Wireless LANs keys. This prevent all wireless devices sharing the same encryption keys. (a weakness of WEP) User Authentication WPA and WPA2 apply IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database. WPA2 reduces the number of key exchange messages from six to four (CCMP 4-way handshake) and shortens the time required to connect to a network.
  • Page 169 Appendix E Wireless LANs The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients.

  • Page 170: Security Parameters Summary

    Appendix E Wireless LANs The AP and wireless clients use the TKIP or AES encryption process to encrypt data exchanged between them. Figure 91 WPA(2)-PSK Authentication Security Parameters Summary Refer to this table to see what other security parameters you should configure for each Authentication Method/ key management protocol type.

  • Page 171: Antenna Characteristics

    Appendix E Wireless LANs Antenna Overview An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air. The antenna also operates in reverse by capturing RF signals from the air. Positioning the antennas properly increases the range and coverage area of a wireless LAN.

  • Page 172: Positioning Antennas

    Appendix E Wireless LANs • Omni-directional antennas send the RF signal out in all directions on a horizontal plane. The coverage area is torus-shaped (like a donut) which makes these antennas ideal for a room environment. With a wide coverage area, it is possible to make circular overlapping coverage areas with multiple access points.

  • Page 173: Appendix F Pop-Up Windows, Javascripts And Java Permissions

    P P E N D I X Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here.
  • Page 174 Appendix F Pop-up Windows, JavaScripts and Java Permissions In Internet Explorer, select Tools, Internet Options, Privacy. Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 93 Internet Options: Privacy Click Apply to save this setting.
  • Page 175 Appendix F Pop-up Windows, JavaScripts and Java Permissions Select Settings…to open the Pop-up Blocker Settings screen. Figure 94 Internet Options: Privacy Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. ZyXEL NWA-1100 User’s Guide...
  • Page 176 Appendix F Pop-up Windows, JavaScripts and Java Permissions Click Add to move the IP address to the list of Allowed sites. Figure 95 Pop-up Blocker Settings Click Close to return to the Privacy screen. Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
  • Page 177 Appendix F Pop-up Windows, JavaScripts and Java Permissions In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 96 Internet Options: Security Click the Custom Level... button. Scroll down to Scripting. Under Active scripting make sure that Enable is selected (the default). Under Scripting of Java applets make sure that Enable is selected (the default).

  • Page 178: Java Permissions

    Appendix F Pop-up Windows, JavaScripts and Java Permissions Click OK to close the window. Figure 97 Security Settings - Java Scripting Java Permissions From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM.
  • Page 179 Appendix F Pop-up Windows, JavaScripts and Java Permissions Click OK to close the window. Figure 98 Security Settings - Java JAVA (Sun) From Internet Explorer, click Tools, Internet Options and then the Advanced tab. Make sure that Use Java 2 for <applet> under Java (Sun) is selected. ZyXEL NWA-1100 User’s Guide...
  • Page 180 Appendix F Pop-up Windows, JavaScripts and Java Permissions Click OK to close the window. Figure 99 Java (Sun) ZyXEL NWA-1100 User’s Guide...

  • Page 181: Appendix G Ip Addresses And Subnetting

    P P E N D I X IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.
  • Page 182 Appendix G IP Addresses and Subnetting The following figure shows an example IP address in which the first three octets (192.168.1) are the network number, and the fourth octet (16) is the host ID. Figure 100 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask.
  • Page 183 Appendix G IP Addresses and Subnetting Table 57 Subnet Masks OCTET: OCTET: OCTET: OCTET (192) (168) Network Number 11000000 10101000 00000001 Host ID 00000010 By convention, subnet masks always consist of a continuous sequence of ones beginning from the leftmost bit of the mask, followed by a continuous sequence of zeros, for a total number of 32 bits.
  • Page 184 Appendix G IP Addresses and Subnetting As these two IP addresses cannot be used for individual hosts, calculate the maximum number of possible hosts in a network as follows: Table 59 Maximum Host Numbers MAXIMUM NUMBER OF SUBNET MASK HOST ID SIZE HOSTS 8 bits 255.0.0.0...
  • Page 185 Appendix G IP Addresses and Subnetting Subnetting You can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the company network for security reasons. In this example, the company network address is 192.168.1.0.
  • Page 186 Appendix G IP Addresses and Subnetting The following figure shows the company network after subnetting. There are now two sub-networks, A and B. Figure 102 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of –...
  • Page 187 Appendix G IP Addresses and Subnetting Each subnet contains 6 host ID bits, giving 2 - 2 or 62 hosts for each subnet (a host ID of all zeroes is the subnet itself, all ones is the subnet’s broadcast address). Table 61 Subnet 1 LAST OCTET BIT IP/SUBNET MASK...
  • Page 188 Appendix G IP Addresses and Subnetting Table 64 Subnet 4 (continued) LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE Subnet Address: Lowest Host ID: 192.168.1.193 192.168.1.192 Broadcast Address: Highest Host ID: 192.168.1.254 192.168.1.255 Example: Eight Subnets Similarly, use a 27-bit mask to create eight subnets (000, 001, 010, 011, 100, 101, 110 and 111).

  • Page 189: Configuring Ip Addresses

    Appendix G IP Addresses and Subnetting The following table is a summary for subnet planning on a network with a 16-bit network number. Table 67 16-bit Network Number Subnet Planning NO. “BORROWED” NO. HOSTS PER SUBNET MASK NO. SUBNETS HOST BITS SUBNET 255.255.128.0 (/17) 32766...
  • Page 190 Appendix G IP Addresses and Subnetting address that you entered. You don't need to change the subnet mask computed by the ZyXEL Device unless you are instructed to do otherwise. Private IP Addresses Every machine on the Internet must have a unique address. If your networks are isolated from the Internet (running only between two branch offices, for example) you can assign any IP addresses to the hosts without problems.

  • Page 191: Appendix H Text File Based Auto Configuration

    P P E N D I X Text File Based Auto Configuration This chapter describes how administrators can use text configuration files to configure the wireless LAN settings for multiple APs. Text File Based Auto Configuration Overview You can use plain text configuration files to configure the wireless LAN settings on multiple APs.
  • Page 192 Appendix H Text File Based Auto Configuration You can have a different configuration file for each AP. You can also have multiple APs use the same configuration file. Note: If adjacent APs use the same configuration file, you should leave out the channel setting since they could interfere with each other’s wireless traffic.
  • Page 193 Appendix H Text File Based Auto Configuration Verifying Your Configuration File Upload Via SNMP You can use SNMP management software to display the configuration file version currently on the device by using the following MIB. Table 70 Displaying the File Version ITEM OBJECT ID DESCRIPTION...
  • Page 194 Appendix H Text File Based Auto Configuration The AP ignores any improperly formatted commands and continues to check the next line. If there are any errors while processing the configuration file, the AP generates a message with the line number and reason for the first error (subsequent errors during the processing of an individual configuration file are not recorded).
  • Page 195 Appendix H Text File Based Auto Configuration Figure 106 802.1X Configuration File Example !#ZYXEL PROWLAN !#VERSION 12 wcfg security 2 name Test-8021x wcfg security 2 mode 8021x-static128 wcfg security 2 wep key1 abcdefghijklm wcfg security 2 wep key2 bcdefghijklmn wcfg security 2 wep keyindex 1 wcfg security 2 reauthtime 1800 wcfg security 2 idletime 3600 wcfg security save...
  • Page 196 Appendix H Text File Based Auto Configuration Figure 108 WPA Configuration File Example !#ZYXEL PROWLAN !#VERSION 14 wcfg security 4 name Test-wpa wcfg security 4 mode wpa wcfg security 4 reauthtime 1800 wcfg security 4 idletime 3600 wcfg security 4 groupkeytime 1800 wcfg security save wcfg radius 4 name radius-rd1 wcfg radius 4 primary 172.0.20.38 1812 20 enable...
  • Page 197 Appendix H Text File Based Auto Configuration !#ZYXEL PROWLAN !#VERSION 15 wcfg ssid 1 name ssid-wep wcfg ssid 1 security Test-wep wcfg ssid 2 name ssid-8021x wcfg ssid 2 security Test-8021x wcfg ssid 2 radius radius-rd wcfg ssid 3 name ssid-wpapsk wcfg ssid 3 security Test-wpapsk wcfg ssid 4 name ssid-wpa2psk wcfg ssid 4 security Test-wpa2psk...
  • Page 198 Appendix H Text File Based Auto Configuration ZyXEL NWA-1100 User’s Guide...

  • Page 199: Appendix I How To Access And Use The Cli

    P P E N D I X How to Access and Use the CLI This chapter introduces the command line interface (CLI). Accessing the CLI Use Telnet to access the CLI. Connect your computer to one of the Ethernet ports. Open a Telnet session to the ZyXEL Device’s IP address.
  • Page 200 Appendix I How to Access and Use the CLI stdio set command to extend the idle timeout. For example, the ZyXEL Device automatically logs you out of the management interface after 60 minutes of inactivity after you use the sys stdio set 60 command. Use the sys stdio show command to display the current idle timeout setting.
  • Page 201 Appendix I How to Access and Use the CLI Note: Commands are case sensitive! Enter commands exactly as seen in the command interface. Remember to also include underscores if required. Copy and Paste Commands You can copy and paste commands directly from this document into your terminal emulation console window (such as HyperTerminal).

  • Page 202: Saving Your Configuration

    Appendix I How to Access and Use the CLI Type help and press [ENTER]. A list comes up which shows all the commands available for this device. ras> help alarm chsh config exit statistics switch voip ras> Saving Your Configuration In the ZyXEL Device some commands are saved as you run them and others require you to run a save command.

  • Page 203: Appendix J Open Software Announcements

    P P E N D I X Open Software Announcements Notice Information herein is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, except the express written permission of ZyXEL Communications Corporation.
  • Page 204 Appendix J Open Software Announcements or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it.
  • Page 205 Appendix J Open Software Announcements keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee.
  • Page 206 Appendix J Open Software Announcements Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium...
  • Page 207 Appendix J Open Software Announcements If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License.
  • Page 208 Appendix J Open Software Announcements NO WARRANTY BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/ OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  • Page 209 Appendix J Open Software Announcements eCos is distributed in the hope that it will be useful, but WITHOUT ANY ARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with eCos;...
  • Page 210 Corporation at: ZyXEL Technical Support. End-User License Agreement for NWA-1100 WARNING: ZyXEL Communications Corp. IS WILLING TO LICENSE THE ENCLOSED SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENSE AGREEMENT. PLEASE READ THE TERMS CAREFULLY BEFORE COMPLETING THE INSTALLATION PROCESS AS INSTALLING THE SOFTWARE WILL INDICATE YOUR ASSENT TO THEM.
  • Page 211 Appendix J Open Software Announcements The Software and Documentation contain material that is protected by United States Copyright Law and trade secret law, and by international treaty provisions. All rights not granted to you herein are expressly reserved by ZyXEL. You may not remove any proprietary notice of ZyXEL or any of its licensors from any copy of the Software or Documentation.
  • Page 212 Appendix J Open Software Announcements come into contact with the Software, and to use reasonable best efforts to ensure their compliance with such terms and conditions, including, without limitation, not knowingly permitting such persons to use any portion of the Software for the purpose of deriving the source code of the Software.
  • Page 213 Appendix J Open Software Announcements IMPOSED FROM TIME TO TIME. YOU SHALL NOT EXPORT THE SOFTWARE, DOCUMENTATION OR INFORMATION ABOUT THE SOFTWARE AND DOCUMENTATION WITHOUT COMPLYING WITH SUCH LAWS, REGULATIONS, ORDERS, OR OTHER RESTRICTIONS. YOU AGREE TO INDEMNIFY ZyXEL AGAINST ALL CLAIMS, LOSSES, DAMAGES, LIABILITIES, COSTS AND EXPENSES, INCLUDING REASONABLE ATTORNEYS' FEES, TO THE EXTENT SUCH CLAIMS ARISE OUT OF ANY BREACH OF THIS SECTION 8.
  • Page 214 Appendix J Open Software Announcements ZyWALL USG 300 User’s Guide...

  • Page 215: Appendix K Legal Information

    ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein.
  • Page 216 Appendix K Legal Information • This device must accept any interference received, including interference that may cause undesired operations. This device has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.

  • Page 217: Zyxel Limited Warranty

    Appendix K Legal Information 本機限在不干擾合法電臺與不受被干擾保障條件下於室內使用。 Notices Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment. This device has been designed for the WLAN 2.4 GHz and 5 GHz networks throughout the EC region and Switzerland, with restrictions in France.
  • Page 218 Appendix K Legal Information purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind to the purchaser. To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material Authorization number (RMA). Products must be returned Postage Prepaid.

  • Page 219: Index

    Index Index Numbers Beacon Interval BPDU Bridge 802.1x-Only Bridge loops 802.1x-Static128 bridged APs, security 802.1x-Static64 56, 157 Access Point 20, 39 Accounting Server Certificate Ad-hoc authentication Advanced Encryption Standard file format See AES. Certificate Authority See CA. Alerts Certificate Screen Alternative subnet mask notation certificate-based authentications announcements...
  • Page 220 Index Date and time start Generic Token Card DHCP digital certificate Dimensions Disclaimer Distribution System handshake Domain Name Server (DNS) help (in the CLI) Hidden node DTIM Interval Hide SSID Dynamic WEP key exchange Humidity IANA 99, 190 EAP authentication IBSS Enable Antenna Diversity 63, 66...
  • Page 221 Index jitter MAC Address Clone MAC Filter Allow Association Deny Association MAC Filter Screen MAC filtering 75, 78 Maintenance Association List Backup Channel Usage Configuration F/W Upload latency Restart LEAP Restore LEDs 27, 131 Management Information Base (MIB) Blinking managing the device ETHERNET using Telnet.
  • Page 222 Index Server IP Address Server Port Share Secret Pairwise Master Key (PMK) 167, 169 RADIUS server Passphrase Rates Configuration 60, 63, 66 Password 132, 139 registration PEAP product Personal Information Exchange Syntax Related documentation Standard Remote Authentication Dial In User Service PFX PKCS#12 remote management remote management limitations...
  • Page 223 Index traps software announcements Spanning Tree Protocol telnet Bridge Protocol Data Units Telnet (accessing the CLI) How STP Works Temperature Port States Temporal Key Integrity Protocol Rapid STP Temporal Key Integrity Protocol (TKIP) Terminology Text file based auto configuration 140, 191 topology TFTP restrictions Specifications...
  • Page 224 Index Web Configurator Roaming Logout RTS/CTS Threshold password SSID Wi-Fi MultiMedia Wireless Client Mode WEP key encrypting Wireless Mode Wi-Fi MultiMedia WMM QoS Wi-Fi Protected Access 75, 166 WLAN Wired Equivalent Privacy interference Wireless Association List security parameters Wireless Client 21, 41 Wireless client WPA supplicants WMM QoS...
  • Page 225 Index ZyXEL NWA-1100 User’s Guide...

Table of Contents