We reserve the right to make changes and improvements to any of the products described in this guide without prior notice. Nokia is not responsible for any loss of data, income or any consequential damage howsoever caused. ISSUE 2...
Welcome This guide tells you how to operate the Nokia A032 Wireless LAN Access Point, and provides information about configuration options, management and performance tuning. How to use this guide You should first have read and followed the instructions in the Getting Started guide.
Conventions used in this guide Internet gateway information Information relating to use of the Nokia A032 as an Internet access device, either by dial-up or NAT, is shown with a bar on the right-hand side of the page: Such information includes Internet settings and NAT addressing and firewalls.
The Getting Started guide explained how to perform initial configuration by putting the Nokia A032 into Learn mode. Now you can access all of the Nokia A032’s In some cases, you can setup pages from any station (wired or only configure the...
Displaying the Access Point home page To display the Access Point home page: If necessary, start up the Nokia A032 in Normal mode. From any wired or wireless LAN station, start a web browser (such as Internet Explorer). Point the browser to the IP address of the Access Point.
Setup pages on page 32 for more information). Graphical cues and links The image of the A032 on the Home page gives you a quick idea of the status of the various interfaces. You can click different parts of the image to view certain status pages.
Internet. However, it will still be possible to force a connection by clicking Connect While automatic dialing is disabled the button text reads ; enter the password Enable and click here to reenable. Nokia A032 Advanced User Guide...
Click the link in the lefthand menu bar. Status • You’ll see a summary of the Nokia A032’s status (see Main status screen on page 8). • The menu bar will change, giving you links to all the status pages:...
LAN, Internet and wireless subsystems. As a short-cut, you can click various active parts of the Nokia A032 image on the Home page. The following table summarizes these features. Nokia A032 Advanced User Guide...
A successfully connected link is indicated by a bright green line with moving yellow bullets. Globe Modem statistics page 19 Link to globe statistics page 16 A032 unit Internals None. status page 30 Using the Web manager...
Number of Associated This shows how many wireless users are attached to the Wireless Stations Nokia A032 LAN Network status TP – 10baseT (twisted pair) OFF – the LAN has been disabled by the user. Nokia A032 Advanced User Guide...
Field Description This shows the current state of the Internet Access port. Internet Access status Possible values are: • Disabled – Internet Access is configured off • Down – link is disconnected • Backoff – Link is down and in backoff mode due to previous failure to connect.
Management Information Base (MIB) as described in Radio card statistics on page 13. In practice retransmission will normally ensure that the lost data is recovered. The A032 has information about both the radio interface and the LAN interface and gives a good summary of network activity.
All tables of statistics have the following fields in common: Field Description Statistics last cleared This shows the time and date when the accumulated statistics were reset to zero. Often this will be the last time the unit was restarted. Seconds Accumulated The number of seconds over which statistics have been accumulated.
Number of bytes in received data frames It is important to note that these statistics are collected by the A032 based on the frames sent between it and the PCMCIA radio card. The PCMCIA radio card does not forward all data to the A032 main processor.
Radio card statistics To view the raw statistics from the radio card click at the bottom of the Show Radio Detail radio statistics page. To return to the Radio statistics page, click the Back icon or click in the lefthand Statistics menu.
Number of times ACK was not received after transmission aReceived_Frame_Count Number of received frames aMulticast_Received_Count Number of Multicast frames received aFCS_Error_Count Number of frames received with checksum errors The fields update regularly. Click to set Clear them all to zero. Nokia A032 Advanced User Guide...
LAN statistics To view statistics for the LAN link click Show at the bottom of the radio statistics page. This will result in a screen as shown below: The meaning of the fields is given below: Field Description Frames Transmitted The number of frames transmitted from the Access Point to the Ethernet LAN.
If a call is in progress the table shows the total statistics for the call and the statistics for the last 10 second sample: • If the link is down (no call in progress) the table shows accumulated total statistics: Nokia A032 Advanced User Guide...
The fields have the following meanings: Field Description Frames Transmitted Number of frames sent over PPP link Bytes Transmitted Number of bytes in transmitted PPP frames RX Frames (Good) Number of PPP frames received Rx Frames (Bad) Number of PPP frames discarded due to incomplete or CRC error Data Bytes Rcvd Number of data bytes in good received frames.
Click Modem in the lefthand menu. Modem PPP log Click View PPP Log in the Modem screen. 24hr dial-up Click View 24 Hour History in the Modem screen. history Advanced Internet Click Internet Sharing in the lefthand menu. sharing Nokia A032 Advanced User Guide...
Last Response Shows the last message sent by the modem to the A032 during a dial attempt. This can be useful in several ways. If a connection is successful this usually shows the connect message received from the modem.
Note that the values are reset to zero when the Access Point is restarted. There are two links at the bottom of this screen: • View PPP Log • View 24 Hour history See below for descriptions. Nokia A032 Advanced User Guide...
View 24 Hour History This shows the usage of the modem over the last 24 hours (or since the last restart): The chart shows the amount the modem was connected in each 15-minute interval. For example if the modem was connected twice within the period, once for 3 minutes and once for 5 minutes, the log will show 50% connected (8 minutes out of 15 minutes).
In this way the last call is always captured regardless of whether it succeeded or failed. To return to the Modem statistics page, click the Back icon or click in the lefthand Modem menu. Nokia A032 Advanced User Guide...
Associated Stations menu displays information about wireless stations which are currently connected to (associated with) the A032: Each line in the table shows data for one wireless station. If there are more stations than can be shown in a single screen, click...
Three hyperlinks are available at the bottom of the table: • Associated Stations – (This screen) Shows wireless LAN stations currently associated with this A032. This includes other access points which are attached as bridges or repeaters • Wireless Stations – Shows all wireless stations of which the Access Point is aware.
Detail and Report screens If you click the link for a station in the Detail table of associated stations, you’ll see the following screen As well as the station’s MAC address, IP address and network name, this shows: • Qual – a number from 1 to 10 indicating signal strength (10 is best) •...
This screen provides information related to the NAT firewall and the PPP IPCP negotiation: There are three sections to the display: • Summary of NAT Tables entries • Data about most recent packet forwarded • PPP IPCP summary. Nokia A032 Advanced User Guide...
The maximum number of Internet Sessions (NAT table entries) the A032 can handle is 256. Details of last packet Source and destination information for the most recent send to Internet packet forwarded.
The screen is divided into three sections: • Summary information about the DHCP server • The DHCP log • Detailed information about a specific DHCP address. Nokia A032 Advanced User Guide...
Summary fields The Summary fields are as follows: Field Description IP Base Address The DHCP base address as configured by the manager Pool Size The DHCP pool size as configured by the manager Free Addresses The number of unassigned addresses Leased The number of addresses currently assigned and in use Pending...
The second part (yy.yy) is the version number of the Nokia A032 BIOS ( bios.bin The Date code shows the build date for the Nokia A032 software which can be useful for technical support. Access Point Last The timestamp when the access point was last restarted.
Under normal circumstances the buffer utilization should be under 60% • System Loading – Utilization of the processor in the A032. Normally this will be less that 50% • Radio Usage – Utilization of the radio link. The first bar indicates a value between 0 and 10%.
Web-based setup This section explains all the options available on the Setup pages. Displaying Setup pages You can only configure the Nokia A032 if you know the management password – this is set to at the factory. The system manager default should change this as soon as possible (see Management security options on page 45).
If you enter the password incorrectly, or there are other problems, you’ll see the following message: Click and try again. HOME After correctly entering the password you’ll see the basic setup page: (For a description of these options, see page 35.) Basic and Advanced links The links on the left give access to the various set-up screens.
Click in the lefthand frame. This will Save cause the new parameters to be written to permanent memory; the Nokia A032 will restart, putting the changes into effect. Reverting to active or default settings Many configuration screens have the following radio buttons at the bottom: •...
Important: Use only the region setting appropriate for the area where the wireless LAN card is used at the present time. Using the Nokia Wireless LAN adapter card in any other region or with an incorrect region setting may be illegal. Note that choosing European Domain will cause the date fields to be interpreted in European format (dd/mm/yyyy).
If you’re only using one network, you can use the default Nokia WLAN Access Point Name String up to 15 characters used to give the Nokia A032 an identifier name. Useful if you have multiple access points on a network.
WEP, plus non-WEP stations using open authentication (no key required). Note that the Nokia A032 is forced to use open access in Learn mode. • WEP – Allows the same stations as Personal WEP Only, plus stations with a valid shared WEP key.
WEP keys. • Normal – IEEE802.11 compatible mode: 40 bits • Strong – 128-bit key length • Custom – See Min and Max key length settings in Advanced WEP setup on page 49 Nokia A032 Advanced User Guide...
Basic Internet Access setup Most of the settings required for use with the Internet Access (dial-up networking) function of the Nokia A032 can be configured from this screen: This section assumes you’re using a modem for Internet access. If you’ve specified LAN or...
Action buttons Two action buttons are provided on the advanced screen. • – causes the A032 to perform a Restart power-on reset. Any pending changes which have not been saved will be discarded. • – disables the radio in the unit.
If you do not want to assign an IP address, or if you want to configure the Nokia A032 to assign itself an IP address using its own DHCP server, set this field to 0.0.0.0...
Description All frames are forwarded (default). TCP/IP The Nokia A032 only forwards TCP/IP frames. This is useful in networks which have a large amount of mixed traffic. In particular, some older systems using MAC level multicast (e.g. DEC LAT) to communicate between terminals and Mainframe computers.
NAT port selection See Appendix H for a complete description of NAT firewalls and port selection. Usually you’ll use the setting Modem here: • – used for dial-up networking Modem • – disables Internet access. Selection of the NAT port affects some of the other screens, notably the Internet Access setup (which uses different parameters depending on whether the NAT port is applied to the LAN or...
LAN interface Use this option to control the LAN interface. Options are as follows: • 10baseT active • – Disables the LAN interface. Nokia A032 Advanced User Guide...
Management security options You can prevent unauthorized access to the management function by selecting the level of security and the password. The configuration fields associated with Security settings are: Field Description Web/Telnet/TFTP Use this to restrict access to the Web, Telnet and TFTP Manager management interfaces.
Such repair is not covered by the warrantee. Setting specific managers The A032 can be configured so that only specific workstations are allowed to access the management functions. This is especially important for TFTP protection.
(except when required) or specify the IP addresses of up to four managers’ workstations which are allowed to perform the task. In this case the A032 will only accept transfers from workstations with those specified IP addresses. In addition, only the named managers will be allowed to access the Telnet or web functions.
SNMP – see SNMP A032. setup on page 63. Use the boxes to switch access Allow Access on or off for each workstation. Click Enter If necessary, click the Back button to return to the Advanced setup screen. Nokia A032 Advanced User Guide...
Advanced WEP setup This screen allows you to configure all the WEP functions (for a description of WEP, see Data encryption and security on page 127): In addition to the basic functions described in Basic WEP setup on page 37, the following options are available.
Determines which key database the Nokia A032 will use for clients with personal WEP keys. • Local – The Nokia A032 will only use the keys stored in its internal flash memory • RADIUS – The Nokia A032 will only use keys obtained from the external key database via RADIUS •...
First call the phone number of the modem to which the A032 is connected. The modem will not answer but the A032 will observe that the line is ringing. Now hang up – within 30 seconds the A032 will dial out and connect to the Internet.
Option Description Require Encrypted If checked, the A032 will refuse to log on to ISPs which Logon do not support encrypted log-on (i.e. PPP-MD5CHAP). If this option is disabled, and your ISP doesn’t support encrypted logons, the A032 may use a less secure method (PAP) in which the username and password are sent in clear text format.
Option Description External IP Address If your ISP does not allocate IP addresses dynamically, set your static IP address here. Otherwise, leave it blank. External DNS IP Most modern ISP accounts send DNS server information Address (1 & 2) to a user’s computer when logging on, so you can usually leave these blank.
The Set NAT Holes screen allows you to define up to four NAT holes and allow external access to specific machines on your LAN: Please see Setting NAT holes – providing external access on page 201 for a detailed description. Nokia A032 Advanced User Guide...
Setting a logon script Most ISPs don’t require you to specify a logon script. Your ISP will tell you if you need to do this: To enter a line in the script: Enter the (you can leave this Line Number step out to add a line to the end of the script).
$USER . If one of these tokens is $PASSWORD used as the parameter, it will be replaced by the configured username or password (from the Internet Access Screen) when the script is run. Nokia A032 Advanced User Guide...
Example script An example of a script is shown below: 1: / Example Script 2: delay 2 3: sendcr 4: wait "username:" 5: send "$USER" 6: sendcr 7: wait "protocol:" 8: send "PPP" 9: sendcr Line 1 Comment only Line 2 Delay 2 seconds Line 3 Sends CRLF to ISP (Often required to get...
By default, all IP frames which are addressed off the local network will be passed by the A032 to the Internet. If a connection is not available, a dial-up procedure will be initiated. Sometimes you might want to disable certain Internet applications or prevent unwanted dialing by filtering out some port numbers.
There would be no point in setting all entries to Reject as this would effectively disable the Internet connection. However, if you only want to enable a few entries, click and then Reject All enable those that are required. Note that some applications use dynamic port assignment using arbitrary port numbers.
40), the Internet Access Setup screen (both basic and advanced) will show a different set of parameters: For correct operation of the unit when connected to an external LAN or wireless LAN, all four of the parameters must be correctly specified. Nokia A032 Advanced User Guide...
External IP Address Although there may be many IP addresses on the local network, the A032 can only have one IP address on the external side of the firewall. When PPP is used this address may be dynamically configured. However when...
The following diagram shows an example network: server 188.8.131.52 Intranet Gateway 184.108.40.206 External network subnet 255.255.0.0 Nokia Access Point (external) 220.127.116.11 Firewall Nokia Access Point (internal) 192.168.0.3 Laptop 192.168.0.1 Local network Laptop subnet 192.168.0.2 255.255.255.192 Nokia A032 Advanced User Guide...
SNMP setup This screen allows you to set up the A032 for use with Simple Networking Management Protocol (SNMP): Some of the parameters on this screen are also used to control access to the Telnet, Web and TFTP management interfaces. Please see Setting specific managers on page 46.
Disable Get Globally disables the Get function. Disable Traps Globally disables the ability to generate traps (system events) generated by the A032. Allow any SNMP When checked, allows any workstation to get SNMP manager information. When unchecked, restricts Gets to specific...
DHCP DNS Server The default setting causes the DHCP server to instruct the clients to use the A032 as their gateway and (proxy) DNS server. This is required for normal Internet access through the A032. If you have another gateway or DNS...
2. Command line interface The command line manager (CLM) gives you complete control over the Nokia A032 via a text-based interface. This chapter • explains how to access the CLM • explains how to configure the Nokia A032 using the command •...
Using a Telnet session You can use any LAN station to access the CLM In order to use Telnet, on the Nokia A032. To use Telnet on a the Nokia A032 needs Windows 95/98 machine: to have an IP address configured.
You’re now ready to enter commands. Setting the time and date You can use the commands time date update the Nokia A032. To set the time, enter the following: time hh:mm:ss where: hh = hours (0 – 23) mm = minutes (0 – 59) ss = seconds (0 –...
CLM commands on page 90. The procedure for entering commands to configure the Nokia A032 is the same, whether you’re using a Telnet session or a terminal emulator via the serial port. The basic command syntax is:...
Logical name of wireless network ap_name Identifier name for access point protocols Selects protocol filtering TCP/IP parameters ip_address Sets IP address of Nokia A032 subnet_mask Sets Subnet Mask for local network gateway Sets Default Route when TCP/IP filtering Command line interface...
Controls wireless LAN access via NID names manager Specifies access to management functions manager_ip Defines IP addresses of specific managers lock Higher security password lock function Controls the LAN port on the A032 hardware WEP security functions wep_mode Specifies access policy wep_key_range Specifies encryption level wep_key...
Fixed value of ISP DNS server isp_ip_address Fixed value of external (ISP) IP address. Modem setup mdm_speed Data rate between A032 and modem mdm_init AT command initialization string sent to modem mdm_holdtime Minutes of inactivity to go on hook NAT setup...
The default value of each parameter is shown below. To set a parameter back to its default value use the set command but leave the parameter field blank. For example: set ip_address Nokia A032 Advanced User Guide...
Radio-related Parameter Description Default channel Specifies the operating channel for the Nokia A032. domain Sets the operating area and enables valid channels. depends on where unit purchased rts_threshold Determines whether RTS/CTS frames should be sent 2301 on the wireless link and what size frames they should be used for.
In practical terms, multicasts and requests are restricted to use of the basic rate. The basic rates are set in kHz. Valid values include 5500 and 11000 Nokia A032 Advanced User Guide...
This name is displayed in some of the management commands. protocols The default mode of the A032 is to pass all protocols. Some non-TCP/IP protocols issue frequent broadcasts or multicast messages. These can use up the available data bandwidth on the wireless LAN and slow down response time.
Parameter Description Default IP_address Used to assign a TCP/IP address to the Nokia A032. No IP address assigned subnet_mask Used to define the TCP/IP subnet mask. This field 255.0.0.0 should be set if you plan to use the built in management features.
Management functions Parameter Description Default password Sets the password access to the CLM and the web default interface. The password is an alphanumeric string up to 16 characters long. telnet enables built-in Telnet management function disables Telnet management function sets the number for the Telnet server port port (e.g.
0 = traps not sent. For example: set manager_ip 2 192.168.0.1 sets the second of four managers as having IP address 192.168.0.1. set manager_ip 2 clears the second entry in the management table. There is no default value. Nokia A032 Advanced User Guide...
• The reset unit to default feature is disabled so that the unit cannot be reconfigured even with physical access • The backdoor password is disabled – Nokia Tech- nical support can normally recover a unit when the password has been forgotten using a back- door password.
Personal WEP keys not supported. Mode provided for compatibility with other vendor equipment; not generally recommended. can take the following values: database Flash-based database in A032 used local External key database used radius Local database used; if not found in either local database, ext.
Parameter Description Default wep_key_range Sets WEP key policy (see Setting WEP key policy on page 138). Command takes the form: set wep_key_range min max where min and max show the encryption strengths, and can take the following values: enter keys ten octets enter keys as 14 octets enter keys as 16 octets enter keys as 24 octets...
When false the file must be in normal text mode (keys are still encrypted in the file). Please see Data encryption and security on page 127 for more information on WEP security. Nokia A032 Advanced User Guide...
Nokia A032 is used as an Internet access device, the gateway of attached clients must be set to the IP address of the Nokia A032. The default value of dhcp_gateway provides the IP address of the A032. If the DHCP server is used...
Your ISP password used in dial-up networking (empty) under Windows. isp_dns1, Some older ISPs may require that this information (empty) isp_dns2, be programmed into the Nokia A032 manually. Use isp_ip_address if your ISP has allocated you a isp_ip_address static IP address. Nokia A032 Advanced User Guide...
Parameter mdm_speed Specifies the data rate used to communicate 57600 between the Nokia A032 and a modem. Note that (bps) this is not necessarily the rate that the modem will support when it communicates to the ISP. Generally the modem will not connect at a speed higher than this rate but it may connect at a speed which is lower.
Determines on which interface NAT is active. Can be one of the following: modem radio nat_subnet Subnet mask of external LAN (see page 199). 0.0.0.0 nat_gateway Gateway address of external LAN (see 0.0.0.0 page 199). Nokia A032 Advanced User Guide...
SNMP setup Parameter Description Default community_get Allows users in your community to get SNMP public information. community_set Not supported Command line interface...
CLM commands This section gives a complete listing of the CLM commands available on the Nokia A032. For an explanation of how to access the CLM, see page 67. The basic command syntax is: command parameter1 value The format of value depends on the parameter you’re changing.
MAC addresses, associated IP addresses and age of each entry that the Nokia A032 has detected. Since the associations are dynamically discovered, all ARP tables have an aging process, which removes entries from the table after a period of inactivity.
LAN Disables the wired LAN interface. Once disabled, you can only reenable the interface by restarting the Nokia A032. disable radio Disables the radio interface. Once disabled, you can only reenable the interface by restarting the Nokia A032.
Command Description ping Causes the Nokia A032 to issue an ICMP Echo request (PING) to a specified IP address. The format of the command is: ping xxx.xxx.xxx.xxx yy where xx.xx.xx.xx is the destination IP address yy is an optional parameter which causes the command to enter a loop and ping the address every yy seconds.
Displays information similar to the Stations screen of the web interface. The command lists information about stations which the Nokia A032 has seen or associated with. In the case of wireless stations the command displays status information about the stations. Lists all known stations attached via the wired show G LAN port.
(or on) tracing of all events The default (starting) state is: traceoff br+ br- IP+ traceon sys Displays product name, along with version and copyright information for the A032 software. Command line interface...
3. NID naming and security This chapter explains how to use NID names to: • identify and keep track of Nokia A032 users • control access to a Nokia A032 network. NID names provide level 1 security features (see Authentication and encryption on page 128).
NID names can also be used as a security measure, as described on page 101. NID name table The Nokia A032 can store a list of up to 200 NID names in its flash memory, in the NID name table.
Using NID names The basic approach to using NID names is as follows: Ascertain the MAC addresses of the cards to which you want to assign NID names. Assign the NID names, thereby updating the NID name table. If necessary, restrict network access to stations listed in the NID name table.
NID names) use TFTP to fetch your simple nids.txt file, edit it to add as many entries as necessary, then send it again (see Using the TFTP client program on page 105). Nokia A032 Advanced User Guide...
LAN. Use the CLM to issue the command: set admission named After that, the Nokia A032 will only accept new connections with wireless stations which have a defined NID name (i.e. those listed in the NID name table).
Overview For the most part, you use the web interface or CLM to update the configuration and display the status of the Nokia A032. However, some information is too big or unwieldy to handle using a terminal style interface. For example, the NID name table can hold up to 200 entries.
Nokia A032 as a TFTP server The Nokia A032 acts as a TFTP server. You run a TFTP client on a station to perform the file transfers. The term files applies in the conventional sense to client machines. The A032 has no hard disk, but it still uses file names to identify its stored information.
If you want, place a check in the Remember box. recently used file names and IP addresses This will save time next time you use TFTP. Enter the IP address of the Nokia A032 into field. IP Address of AP Using TFTP...
In the field, choose the name of Remote File files. the A032 ‘file’ you want to send or fetch from the drop-down menu. A description of these files is given in TFTP file descriptions on page 108. Click...
This creates a text file on your client with the current configuration settings of your Nokia A032. send This sends a configuration file to the Nokia A032 and updates all the operating parameters. This will usually be a configuration that has been previously downloaded, and may have been edited.
Nokia A032 using TFTP. log.txt The Nokia A032 maintains a log file which is updated when the unit is initialized. This file keeps a record of each initialization. The contents of the log file is explained more fully in Appendix F.
This file is a text file containing all the Nokia A032’s important configuration settings. A system manager may want to keep a record Note: This does not of the Nokia A032’s configuration settings for save or restore NID future reference, or as a backup before name, Bridge Table or performing any new configuration.
%domain: ETSI /*%sifs_time: 000 /*%telnet:00023 /*%web:00080 %wep_mode: any radius /*%protocols:all %admission:all %manager: any 0 0 1 %basic_rate: 1000 2000 %wep_key_range: 40 128 %dhcp_pool: 6 %dhcp_base:192.168.100.100 %isp_num:0800123456 %isp_user:"ispuser" %mdm_speed:57600 %mdm_holdtime: 00003 %nat_port: serial %community_get:public %community_set:private /*default setting Nokia A032 Advanced User Guide...
Old line: /*%channel: 10 Modified line: %channel: 11 Save config.txt Send the file to the Nokia A032 using the TFTP client. When you send , the following config.txt action is taken by the Nokia A032: The new configuration file is read in and checked for format.
Nokia A032. When you retrieve from the Nokia nids.txt A032 it will be stored in a disk file with one line for each NID Table or Bridge Table entry (for more on bridges, see Appendix B – Wireless bridges and repeaters).
• Each NID Table entry has the following format: MAC_address Username Personal_WEP_key,N where • is the MAC address of a MAC_address station • is a user-friendly name for Username the station • is the station’s key Personal_WEP_key when using WEP encryption (see Personal WEP keys on page 133 •...
‘file’ on the A032 img1.bin where the firmware for the Nokia A032 and the Nokia C111 Wireless LAN Card is stored. From time to time during the warrantee period, Nokia may make new versions of firmware available.
A note on security You should be aware that the TFTP ‘files’ on the A032 contain important configuration. Overwriting them may cause your Nokia A032 to behave unexpectedly, or cease to function. TFTP can be used to update the configuration...
5. SNMP manager The Nokia A032 has a built-in SNMP Agent capability which allows integration into SNMP managed enterprise environments. The Agent supports SNMP V1.0 requests and provides data from the following MIBs (supplied as files when you install from the Nokia A032 Utilities CD-...
ﬁxed. If there are more than 8 TCP active connec- tions to the Access Point, only the ﬁrst eight will be shown. Supported for UDP listeners TFTP and SNMP. Not supported. Transmission DOT3 Stats Table supported (partial). SNMP All ﬁelds supported. Nokia A032 Advanced User Guide...
IEEE802.11 MIB (1.2.840.10036…) The IEEE802.11 Standard MIB is defined as an SNMP V2.0 MIB. The MIB supplied on the Nokia A032 Utilities CD-ROM has been converted to an SNMP V1.0 format for easy integration into a wide range of managers.
Nokia A032 proprietary MIB The following information is provided as part of the Nokia A032 MIB. A032 system information The entries in this section describe characteristics of the A032 unit: Serial number Serial number of unit hardware. Should correspond to exterior label.
A032 system configuration The entries in this group relate to the current configuration of the A032: AP Name User assigned name of Access Point. Default is LocalAP. Net Name Network Name in ASCII text format. Admissions Mode Indicates access security in effect (all, named, none).
Radio Tx All Frames All frames sent to the PCMCIA radio card. Radio Tx Sent Octets Counter of total bytes copied to PCMCIA radio card. Radio Tx Fails Count of frames for which re-transmission was required. Nokia A032 Advanced User Guide...
LAN Rx Sent Octets Counter of Bytes transferred to LAN interface. A032 serial table These entries pertain to the serial port on the back of the A032 unit. Serial Status Indicates up or down depending on the state of DTR. A032 distribution This section relates to the Access Point function of the A032.
Traps The A032 supports a number of traps which are generated upon specific events and forwarded to configured managers. The following traps are supported: SNMP standard traps Trap Cold Start Generated whenever the unit restarts. Trap Warm Start Not supported.
SNMP configuration Specific details of setting up the SNMP agent in the Access Point are given in SNMP setup on page 63. Three types of information can be configured: • The configuration allow for the System info (Name, Location, Contact) to be configured and stored.
However, if you don’t take steps to protect your network, unauthorized users could intercept data or even gain access to your network. The Nokia A032 provides comprehensive security measures to counter eavesdropping and to control access.
Eavesdropping is prevented by the use of encryption (data is scrambled such that only the sender and receiver can understand it). Authentication and encryption The Nokia A032 provides several levels of authentication and encryption. Choose the level that is appropriate for your environment: Level...
WEP depends on keeping the key away from unauthorized persons. The WEP encryption method is defined by IEEE802.11. This means that you can use the Nokia A032 in conjunction with other vendors’ wireless LAN clients that adhere to the standard.
IEEE802.11 standard specifies 40-bit keys for general use. 40-bit keys provide a high degree of security uncrackable by all but the most determined attackers. The Nokia A032 allows the use of longer keys where local regulations permit, up to 128 bits in length.
Authentication Because secrecy of the key is paramount, WEP never transmits a key value over the network. The wireless client only needs to prove to the access point that it has a matching key. It achieves this using a method known as challenge-response: The wireless client indicates to the access point that it wants to connect.
Even the most secure system is worthless if the secret keys are intercepted. Key management is a general term for the way in which you allocate and control key (password) allocation to users. The Nokia A032 provides two basic approaches for key management: •...
In this case all the wireless clients are loaded with the secret key information. The same key is loaded into the access point. The advantage of this approach is that it is simple to manage, since there is only one key active at a given time (chosen from an available ‘pool’...
Keys are stored on some other medium, such as a smart card which can be inserted into the wireless LAN adapter card. Nokia wireless LAN adapters support a range of these options. If you are required to enter a WEP key manually, you might be able to use an ASCII text string (e.g.
To assist in the management process Nokia provides a key management utility (WEPGen) with the Nokia A032 access point. This utility allows you to enter and modify lists of users and to store the lists (suitably encrypted) on a disk file.
Using shared WEP keys The Nokia A032 can store up to four shared WEP keys simultaneously. An access point only transmits data using one of the shared WEP keys – the active key – but can receive data from clients using any of the...
Add a new shared WEP key to the access point, but don’t make it the active key yet: Key Value ABC* Key Value ABC* Key Value DEF* Instruct all clients to add the new shared WEP key to their list and make it the active key immediately: Key Value GHI*...
Setting WEP key policy At time of going to press, the IEEE802.11 standard specifies the use of 40-bit keys (five bytes). However, the Nokia A032 provides the option to use longer (i.e. stronger) keys if the network administrator chooses. Key lengths of 40, 56, 64, 96 and 128 bits are supported.
Note that the selected key length policy does not affect the size of the keys which can be entered and stored in the Nokia A032. Even if you have selected the use of 40-bit keys, it is possible to enter and store 128-bit keys (16 bytes) in the access point.
External key database Rather than storing the keys on the access points, the Nokia A032 offers you the option to store them using an authentication server. The authentication server must support the RADIUS...
RADIUS Shared Secret of the access point. Setting up a RADIUS external key database The Nokia A032 can use RADIUS to access an external key database. There are several parameters which must be configured to allow this feature to work.
WEP key corresponding to the username. RADIUS has a provision for the server to return a value with the accept message. We utilize that value to store and return the WEP key for the user. Nokia A032 Advanced User Guide...
In the Nokia A032 implementation, the sequence of events is as follows: The access point receives an authenticate request from a wireless client. The access point formulates a RADIUS request using the wireless client’s identifier (usually the MAC address) as the username and a fixed string (called the dummy password) for the password field.
RADIUS database. Therefore the system is protected from unauthorized interception. The Nokia A032 allows you to enter the IP addresses of two RADIUS servers. If a request to the primary server does not receive a reply a second attempt will be made to the secondary server.
Roaming is possible bridge to another. To avoid this, each Nokia but not recommended. A032 used as a bridge should be assigned a unique network name. This will prevent inadvertent roaming. Wireless bridges...
In practice, if you need to use more than three or four bridges in your network, you may need to rethink your network topology. Nokia A032 Advanced User Guide...
Wireless repeaters In addition to the wireless bridge function, Nokia access points can act as wireless repeaters, and extend the range of a system by receiving and re-transmitting the data at a mid-point in the communication path: LAN A LAN B...
LAN B. wireless laptop LAN B wireless bridge wireless bridge LAN A Nokia A032 Advanced User Guide...
Hybrid and multiple repeater configurations The Nokia A032 is capable of supporting repeater and bridging functions simultaneously. In addition, it can support multiple hops (more than one repeater) as well as multiple bridge paths: wireless laptop LAN B LAN A...
Multiple bridge paths LAN B can communicate with LAN A and LAN C. In this case the wireless bridge Y will choose to send the data either to X or Z according to the destination LAN. Nokia A032 Advanced User Guide...
Configuring for wireless bridge/repeater operation Before you can use Nokia access points as bridges, you need to configure them manually • tell them specifically which other access points are available as bridge partners • ensure that no loops are created.
Determine the (i.e. that Radio MAC Address of the radio card in each Nokia A032, not the MAC address of the access point itself). You can obtain this information using the command via the serial port or...
IP addresses, if you’re going to use Telnet to configure the A032s) on your topology map and keep it to hand: Bldg 1 Bldg 2 Bldg 3 Nokia Access Point as wireless bridge radio MAC* IP address 00E003001234 192.168.0.1 00E003008192 192.168.0.2...
You can only do this using the serial port or Telnet interface: Power up a Nokia A032 and log into the serial port or Telnet interface program (see Accessing the command line manager (CLM) on page 67).
Also you can use the command to remove bridge delete entries made in error or no longer required. 10 When you’ve specified all the entries, restart the Nokia A032s. The connections should be established.
Bridging. It may take up to 30 seconds for the bridge partners to connect. Restarting bridges and repeaters If one or more of the Nokia A032s is restarted, bridging information will be temporarily lost. This may result in loss of communication in the network for up to 5 minutes until the information is re-learned from the network.
“Nokia WLAN” protocols Selects protocol filtering TCP/IP parameters gateway Sets Default Route when TCP/IP filtering 0.0.0.0 (none) ip_address Sets IP address of Nokia A032 0.0.0.0 (none) subnet_mask Sets Subnet Mask for local network 255.0.0.0 Management functions admission Enables Association screening basic_rate The basic rates are set in kHz.
Fixed value of ISP DNS server isp_dns2 Fixed value of ISP DNS server isp_ip_address Fixed value of external (ISP) IP address. isp_num Phone number of ISP isp_pwd Login Password for ISP account isp_user Login Username for ISP account Nokia A032 Advanced User Guide...
Modem setup mdm_holdtime Minutes of inactivity to go on hook mdm_init AT command initialization string sent to modem mdm_speed Data rate between A032 and modem 57600 NAT setup nat_gateway Gateway address of external LAN 0.0.0.0 nat_port Determines on which interface NAT is...
Appendix D – Utilities CD-ROM The Nokia A032 Utilities CD-ROM is supplied with the Nokia A032. It contains, among other things: • Nokia software utilities • A032 user guides in Adobe Acrobat PDF format. This chapter explains how to add items to your...
See Using the WEPGen utility on page 163 for more information on using WEPGen (the Nokia WEP key generator). Removing the Nokia A032 utilities To uninstall the Nokia A032 utilities: Click Start > Programs > Nokia A032 > Remove Nokia Wireless LAN Utilities Nokia A032 Advanced User Guide...
Save a disk file which can be used to load keys into an authentication server. Installing the WEPGen utility The WEPGen utility is installed as part of the Nokia A032 utilities suite – see Utilities CD- ROM on page 161. Installing the WEPGen utility...
Running the WEPGen utility To run the WEPGen utility: Click > Start > Programs > Nokia A032 Nokia WEP Key Generator You’ll see the following window: Enter a Shared Secret The shared secret is a text string up to 16 characters long.
The shared secret is used as follows: • An encrypted version of the secret is placed at the start of the key information when it is transferred to the access point. The access point will reject the transfer unless the secret matches its own stored value.
Now you are ready to add, delete or modify keys. The information you enter will depend on whether you are using a normal wireless client or a special Nokia wireless client using Smart Card WEP key storage. Normal wireless client...
Bridge Entry and click The key should appear in the display window. Nokia Smart card solution If you are using the Nokia Smart card solution you should follow the same procedure above, except that: • and the...
(recommended) or transfer the values directly to an access point using TFTP. To save the information as a file: Click the radio button Create a WEP key database Click Go do it… Nokia A032 Advanced User Guide...
When prompted, re-enter the shared secret as a confirmation: Specify whether you want the file to be fully encrypted. If you check the Fully box, the resulting file will be encrypted unreadable to a normal text editor. Otherwise the file will be written using a text format in which only the key values are encrypted.
To transfer the database directly from the WEPGen utility to the access point: Click the radio button Transfer keys to an Access Point Click Go do it… When prompted, confirm the Shared Secret and set the encryption appropriately: Nokia A032 Advanced User Guide...
Click Enter the IP address of the target access point. Click Send The data will be transferred. Any errors which occur should be reported at this time. The TFTP dialog box will remain on the screen so that you can send to several access points in turn by modifying the IP address.
Enter the IP address of the access point. Specify whether the fully encrypted format is expected. Click The transfer should occur and the keys will be displayed in the main key window from where they can be edited or saved. Nokia A032 Advanced User Guide...
Making a client key diskette If you are using a Nokia wireless client, you can use the WEPGen utility to generate a file which can be loaded into the client to ensure that the client’s copy of the specific key matches that of the access point.
Renewing client IP information If you change the A032’s IP address, you might not be able to access the A032 from a client machine. If IP information in your client machine is obtained using DCHP, you may need to renew the information before you can access the A032.
Under Windows 2000/NT Open a DOS prompt. Enter ipconfig /release This will release the old address. Enter to renew the ipconfig /renew address. You should now be able to access the A032 from your client machine. Nokia A032 Advanced User Guide...
Startup problems This section gives advice on troubleshooting problems during initialization (startup). Initialization error codes If the initialization procedure fails an error Note: If the unit fails code should be displayed on the LEDs and info to perform the LED will remain on. alert initialization sequence, it may need...
Appendix G describes methods for reloading the firmware. If these procedures fail to solve the problem there may be a failure in the unit and it may need to be repaired. Nokia A032 Advanced User Guide...
110010: Bad PCMCIA card Indicates that the PCMCIA card is not compatible with the Nokia A032. This may be because it is not a radio card or because it is an incompatible radio card. 110011: Bad radio (does not initialize) Indicates that the PCMCIA radio card does not respond to initialization requests.
Indicates that the configuration memory had a checksum error. This memory is used to store the optional settings for the unit. If a checksum error is encountered the Nokia A032 will automatically re-load the default configuration parameters. 101000: LAN controller error Indicates failure of the Ethernet interface.
Using the Initialization log file The Initialization log file keeps a record of each time the Nokia A032 is restarted. You can use it to diagnose start-up problems. During initialization, as each part of the system Note: The log file only is started, entries are made in the log.
A log file shows the following information: • The first line of an entry shows the time at the restart and records the version of Nokia A032 software (in this case 3.00). • The next few lines show the progress of initialization.
To provide a solution to this problem, the Nokia A032 also writes all log file entries to the serial port during initialization. If the unit fails to initialize and you can’t discover the problem, try attaching a serial terminal to the unit.
Memory error type 1 • Memory error type 2 • Configuration error — default loaded • LAN Interface Error • Configuration error • Bad unit checksum • Log sector bad — recovered • System fault. Nokia A032 Advanced User Guide...
Troubleshooting dial-up connections The Nokia A032 uses PPP to connect and send data to an ISP. A basic understanding of its operation may be helpful if you’re having problems with a dial-up connection. There are four phases to the connection process: Dialling the ISP phone number.
Dialing phase What happens Possible problems and solutions The Nokia A032 looks for a modem. The Verify that the DSR signal is active by first required indication is that the DTR viewing the Modem Status screen (see (Data terminal ready) signal at the serial page 19) –...
LCP phase What happens Possible problems and solutions The Nokia A032 and the ISP agree to use Looking in the PPP Log (see page 21) you PPP and negotiate the various options should see entries labelled ‘LCP’ and that might be available to improve effi-...
LCP phase is complete. What happens Possible problems and solutions The Nokia A032 will send the user name If the login is not accepted, you will and password which you have previously either see a reject message in the PPP configured.
Possible problems and solutions In most cases, the ISP will send the IP If the ISP fails at this point of the negoti- address information to the Nokia A032 ation: to use as its external IP address (see • you may have programmed incorrect Appendix H).
Resetting factory defaults If you don’t know the Nokia A032’s current configuration status and you want to ensure that you are starting from a clean and known state, you can restore the factory default settings. You might want to do this before using Learn mode to configure the Nokia A032.
This appendix explains how to use the Nokia Important!! You need Access Point Upgrade utility to upgrade your a null-modem cable Nokia A032 via a PC workstation connected to (also known as a data the serial port via a null-modem cable (also transfer cable) to communicate via the known as a data transfer cable).
The Nokia A032 memory is organized into four parts: • System BIOS – The system BIOS performs diagnostic checks after powerup and is the basic brains of the unit. • Main firmware (called img1) – The main firmware is the software which performs the access point functions.
Upgrading the Nokia A032 This section explains how to use the Nokia Access Point Upgrade utility to upgrade the Nokia A032. Connecting the PC workstation Use the Nokia Access Point Upgrade utility to establish communication between a PC workstation and the Nokia A032:...
This happens about 5 seconds after they have gone off. When the LEDs come on again, release info the button. Assuming you have the correct serial cable and COM port a message will appear in the Nokia Nokia A032 Advanced User Guide...
Access Point Upgrade utility window and the status will indicate Idle You’re now ready to upgrade the Nokia A032. Upgrading the Nokia A032...
Performing the upgrades In order to perform the following upgrades you must have the correct files in the same directory as the Nokia Access Point Upgrade utility. These will have been extracted automatically as part of the utilities installation process (see Appendix D), or may be supplied as an update from Nokia.
Appendix H – NAT setup The Nokia A032 can provide NAT firewall security, preventing unwanted access to your network from external Internet users. Nokia local IP network Access Point external IP address Internet The NAT firewall converts all IP addresses on your local network into a single external IP address for use on the intranet or Internet.
The Nokia A032 refuses any external attempts to access your PC directly. It only accepts data sent to the external address (the Nokia A032 is the only device that knows how to convert the address back to that of a device on your internal LAN).
Setting the NAT port You can use the CLM (see page 67) or the Web interface (see page 43) to select the NAT port. This section uses the CLM point of view. To set the NAT port, enter: set nat_port parameter where parameter can be one of the following: •...
18.104.22.168 Intranet Gateway 22.214.171.124 External network subnet 255.255.0.0 Nokia Access Point (external) 126.96.36.199 Firewall Nokia Access Point (internal) 192.168.0.3 Laptop 192.168.0.1 Local network Laptop subnet 192.168.0.2 255.255.255.192 Nokia A032 Advanced User Guide...
Setting NAT holes – providing external access Under normal operation the NAT firewall only Note: This function is allows sessions initiated from the local LAN or only useful if you have WLAN network (inside the firewall). a static IP address assigned to you by In certain cases you might want to allow users your ISP.
IP address is 188.8.131.52, an external user would enter the following URL: http://184.108.40.206 but would actually access port 80 on machine with IP address 192.168.0.77. The NAT firewall would make the required address translation. Nokia A032 Advanced User Guide...
Index Numerics address DHCP 28, 29 24hr dial-up history 18 MAC 31 admission 45, 72 default 79, 157 advanced Internet sharing status abort TFTP transfer 106 wireless interface Internet access access 60 control 37 see also admission link on Associated stations SNMP manager 64 status page 24 via wireless stations 45...
DCD 19 accessing 67 default CMD prompt 69 CLM parameters 74 commands 90 factory defaults 157 help 90 reverting to default Web config password access 79 settings 34 set command 70 set command parameters 71 Nokia A032 Advanced User Guide...
DHCP disable LAN command 92 address information 28 disable radio command 92 advanced setup 65 Disconnect (Abort) button 4 base address 29, 65 DNS 58 link 18, 28 DHCP DNS server 65 log 28, 29 external IP address 53 pool size 29, 65 IP address 61 status 18, 28 domain 71...
18 help status 9 CLM commands 90 via LAN port 60 hole via wireless interface 60 NAT firewall 54 Internet Sharing link 18, 26 Home link 2 gateway 41 page 2, 3 subnet mask 41 Nokia A032 Advanced User Guide...
IP address key database 50 base address (DHCP) 29 saving 168 client 24 key file external 53, 61 loading 166 Mgmt 41 of RADIUS server 50 renewing client information SNMP manager 64 bridge 149 static 53 icon on Home page 7 ip_address 71 interface 44 default 78, 157...
Number of Associated Wireless 24-hour history 21 Stations link 8 advanced Internet setup 51 backoff mode 20 NAT port 43 setup string 52 open authentication 37, 128 speed 52 status 19 Modem link 18, 22 Nokia A032 Advanced User Guide...
parameter radio CLM set command 71 icon on Home page 7 default CLM values 74 statistics 10, 11 password 32, 45, 72 usage 31 CLM access 79 radio card default 157 statistics 13 locking 45 radio channel security 45 setting 35 PCMCIA radio port radio card statistics 10...
70, 93 advanced Internet sharing 18 parameter summary 71 DHCP 18, 28 Set Specific Managers button 47 Internals 18 setup internals (diagnostics) 30 basic setup information 33 Internet access 9 DHCP 65 Internet sharing 26 Nokia A032 Advanced User Guide...
124 IP 41 troubleshooting 175 subnet_mask 71 default 78, 157 UDP frame 58 uninstall TCP/IP Nokia utilities 162 forwarding frames 42 Use Encrypted nids.txt 49, 170 setup 41 use_encrypted_nid 72, 84, 158 Telnet user name 39, 51 accessing CLM 68...
WEP key 132 wireless repeater 147 setting key policy 139 wireless stations setting mode via CLI 82 status page 18 setting via Web interface 37 Wireless Stations link 24 setup 37 shared WEP keys 132 Nokia A032 Advanced User Guide...