Wireless LAN Access Point
Addendum

   Summary of Contents for Nokia A032

  • Page 1

    Wireless LAN Access Point Addendum...

  • Page 2

    We reserve the right to make changes and improvements to any of the products described in this guide without prior notice. Nokia is not responsible for any loss of data, income or any consequential damage howsoever caused. ISSUE 1...

  • Page 3: Table Of Contents

    Table of contents: Copyright notices ii; Introduction; Purpose

  • Page 4

    Nokia A032 Addendum...

  • Page 5: Introduction

    1. Introduction Purpose This document has been written to serve as an addendum to the existing A032 user manuals. It does not attempt to replace any existing user manual, and is focussed on correcting errors and omissions from those manuals, and documenting features added in recent firmware updates.

  • Page 6

    Terms, acronyms and abbreviations Term Meaning WLAN Wireless LAN IEEE 802.11 Access Point Network Access Server User-Datagram-Protocol Request For Comments Mobile Terminal (WLAN client) Local Area Network Wire-Equivalent Privacy WLAN Wireless LAN IEEE 802.11

  • Page 7: Access Point Parameters

    2. Access point parameters This section describes the changes to AP parameters, and the use of newly added parameters. Table of parameters Refer to the A032 user guide for descriptions of how to use the management interfaces. Name Config Factory default...

  • Page 8

    “cs_only”, “ed_and_cs”, “ed_or_cs”: This setting determines which clear channel assessment (CCA) mode should be used. ed_threshold (10–127): Energy detection threshold used in CCA. ed_absolute (factory default TRUE; valid range TRUE or FALSE): Use Absolute energy detection threshold, or relative to noise floor.

  • Page 9

    Name (command line): wep_mode. Config Web page: Advanced. Factory default: “wep”. Description: This parameter determines the authentication policy of the AP: “open” Accept either WEP or open system; “wep” MUST use WEP; “wifi” Relaxed form of WEP setting allowing use of shared keys with open system authentication...

  • Page 10

    Point discards all non-TCP/IP traffic. Name (command line): lock. Config Web page: Advanced Access Point. Factory default: “off”. Valid range: “on” or “off”. Description: Prevents any changes being made to the AP without using the password. This means that learn mode and restoring system defaults are impossible.

  • Page 11

    Name (command line): zone_privacy. Config Web page: Advanced Access Point. Factory default: “off”. Valid range: “on” or “off”. Description: If set to “on”, the AP blocks traffic from being passed directly between radio clients (this has the effect of blocking peer-peer networking). Name (command line): snmp_contact. Config Web page: SNMP...

  • Page 12: Radio Parameters

    300m per microsecond, so this parameter should be set to the distance between the bridging points in metres, divided by 150 (to account for the round-trip time). Path delay can be disabled by setting back to zero.

  • Page 13: Beacon Interval, Dtim Interval

    Beacon interval Sets the time interval between beacons in milliseconds. This defaults to 100ms – longer intervals reduce the amount of idle load on the radio interface, but may increase the time taken to join a network or roam. The beacon interval can be changed with the command set beacon_interval <n>...

  • Page 14

    Use caution when altering this setting, as in combination with certain CCA modes it can prevent reliable reception. The default value for ED threshold is 17, which can be changed with the command set ed_threshold < n >

  • Page 15

    ED Absolute If set, this variable causes the ED threshold set by ‘set ed_threshold’ to be regarded as an absolute value. Otherwise the value is taken to be relative to the noise floor. Use caution when altering this setting, as in combination with certain CCA modes it can prevent reliable reception.

  • Page 16: Minor Functional Changes

    DHCP server, assigning itself the first address in the pool (however, it will respond to any incoming packet with a valid IP address). This can be used to provide a permanent configuration, as above.

  • Page 17: Snmp Changes

    Management successfully entered in one of the management login utilities. A032 TFTP Access: Generated whenever a TFTP transfer is initiated to or from the unit. Authenticate fail: Generated in the same way as Trap 1, but when the authentication is rejected because of WEP rather than the NID name feature.

  • Page 18: Wep Key Lengths

    WEP key lengths The A032 now has explicit support for 104 bit WEP keys. Some manufacturers have produced 802.11b clients using 104-bit WEP keys (usually marketed as being 128 bit). Creating a 104-bit key in the A032 should allow these clients to be used with their maximum key strength.

  • Page 19: Radius Operation

    This section describes the Nokia Radius client implementation. It provides sufficient detail to get third-party Radius servers to operate with the A032 Access Point. It describes frame formats and details of interactions between the AP and a Radius server. It does not cover how a particular Radius server implementation is configured to operate with an AP.

  • Page 20: Technical Information

    • There is no encryption of the messages (except the password) so Radius assumes that authentication is performed inside a trusted network (for example, intranet).

  • Page 21

    The traditional Radius system is meant to operate within a secure network, such as intranet, because it does not require much skill to capture radius packets and use faked packets to provide false authentication information. That’s why the WEP keys received from Radius server are encrypted.

  • Page 22

    NAS and either processes them by itself or sends them to another Radius server. This makes it possible to distribute the processing of Radius requests, allowing load balancing and making the security solution more fail safe.

  • Page 23

    Radius operation The use of a Radius server on the current AP range can be enabled using the web pages or via the command line, either through the serial port or via Telnet. Once enabled, whenever a wireless station attempts to authenticate with the AP, the following interaction with the Radius server occurs: Station...

  • Page 24

    Request, it takes the user-name and looks up the entry for the station. It then recalculates its own copy of the user-password, and if the user-password supplied and its own match, it builds an Access-Accept message to send back to

  • Page 25

    Radius database. The 32-character string representing the encrypted key is sent to the AP as a vendor-specific attribute (see RFC2138 section 5.26) with the vendor ID set to the Nokia value (94). This is shown below. Field Octets...

  • Page 26

    The encrypted WEP key is placed in the String field. This is formatted also like an attribute (type+length+string) but the type values are defined in this document. There are two formats for the Nokia-specific attribute: Field Octets Type (2) Length (34)

  • Page 27

    This uses a new type code and the attribute now contains the length of the WEP key in bytes expressed as a 2-character ASCII hex string in the range 05 to 10. When configuring a Radius server, the two strings shown above can be treated as a single 34-character hex string.

  • Page 28

    Configuration To configure the A032 to use Radius authentication, carry out the following steps (the items within <> are user-specified, the other text must be typed as shown): Set the Radius secret and the password common to all APs: set shared_secret <shared_secret>...

  • Page 29

    Because there are many different radius servers available, no specific configuration details can be given. However, the following general procedure can be used: Set the Radius secret and the password common to all APs:
      set shared_secret <shared_secret> <password>
    For each station, create an entry where the username is the station MAC address expressed as a 12-character hexadecimal string, and the password is the password...

  • Page 30: Dhcp Operation

    (this is an exclusive choice – choosing both simultaneously is not accepted). Server operation is described in more detail below, while client operation is described on page 33. The AP DHCP implementations do not support BOOTP interoperability.

  • Page 31: Server Operation

    Server operation The Server implementation is targeted at small installations (such as home use), and includes only a minimal feature set. It is anticipated that larger networks would have a pre-existing system administration policy – either precluding the use of DHCP, or having a more fully featured DHCP server under central control.

  • Page 32

    AP, while the gateway and DNS addresses are configurable. The default setting causes the DHCP server to instruct the clients to use the A032 as their gateway and (proxy) DNS server - this is required for normal Internet access via the AP. Explicit IP addresses can be configured if these defaults are inappropriate.

  • Page 33: Client Operation

    Client operation The DHCP client has been designed to ease integration of the AP into larger networks, and as such has a larger feature set than the server. The intention is to allow the DHCP protocol to be used to download a working configuration, enabling the management of all APs on a network to be handled centrally.

  • Page 34

    No DHCP server found – AP will operate as far as possible using its stored configuration, including making use of its management IP address if configured with one. If no IP address was configured for the AP, then this will limit its functionality accordingly.

  • Page 35

    • DHCP response with no option string – AP will operate using its stored configuration, but with the IP address provided by DHCP. • DHCP response with option string and/or a configuration file reference – AP will accept the parameters given, and fill in the remainder from its stored configuration.

  • Page 36

    If any configuration details clash, the following precedence applies: • Vendor Options (highest) • DHCP Options • TFTP Download (existing stored settings) If the AP is run in learn mode, the DHCP client is automatically disabled.

  • Page 37

    Accepting dynamic IP addresses Using a DHCP client implementation allows the AP to be offered an IP address according to one of the following schemes: • Automatic addressing – the server allocates the address, but offers it indefinitely. • Dynamic addressing – the server allocates an address for a time-limited period.

  • Page 38

    The following tables list AP parameters and their availability via DHCP. These are the standard DHCP options and their option codes (columns: Parameter, DHCP option code, Default value): Default gateway: none. Subnet mask: 255.0.0.0. IP address: none. AP name: “LocalAP”.

  • Page 39

    Zone Privacy Experimental option, do not use Radio channel channel # Domain varies coded value (see 802.11 MIB) 802.11 net max. 32 “Nokia ASCII name WLAN” Password max. 16 “default” ASCII RTS Threshold 2301 value (2 octets) Fragmentation 2346...

  • Page 40

    1–4 WEP key 1 max. 16 none WEP key WEP key 2 max. 16 none WEP key WEP key 3 max. 16 none WEP key WEP key 4 max. 16 none WEP key DHCP server Automatically disabled

  • Page 41

    Vendor class identifier (DHCP option) with the DHCPREQUEST/DISCOVER frames. This will comprise the option code (60), length (10), and the ASCII text “Nokia A03x”. The AP does expect to receive values for every parameter in the table above; they are subject to the same principle as standard options (included if and only if needed).

  • Page 42: Tftp Download

    DHCP options: IP address, subnet mask, gateway and AP name). In this case, the AP downloads the new configuration, then moves onto normal operation. See Operational sequence on page 34 for a description of the whole configuration process.

  • Page 43: Dhcp Web

    DHCP Web pages DHCP configuration page The configuration page simply displays (and allows changes to) the five DHCP configuration entries. DHCP operation...

  • Page 44

    DHCP status page (server) DHCP status page (client)

  • Page 45: Tftp Config.txt File

    6. TFTP config.txt file The TFTP config.txt file has been restructured in line with the changes to configuration. The following example illustrates the current format:
      /Config.txt for AP(Example) on Wed, 27 Jun 2001 09:55:06
      %channel: 11
      %net_name: "ExampleNet"
      /*%rts_threshold: 2301
      /*%frag_threshold: 2346
      /*%short_retry: 15
      /*%long_retry: 15...

  • Page 46

      %community_get: "public"
      %community_set: "private"
      /*%radius_server: 1 0.0.0.0
      /*%radius_server: 2 0.0.0.0
      %snmp_contact: "Contact"
      %snmp_sys_name: "Sys Name"
      %snmp_location: "Location"
      %path_delay: 0
      %zone_privacy: off
      %beacon_interval: 100
      %dtim_interval: 5
      %tx_power: high
      %cca_mode: cs_only
      %ed_threshold: 17
      %ed_absolute: true
      %dhcp_mode: server /*default setting
