Page 1 ZyAIR G-5100 Outdoor Dual-802.11g Wireless LAN Access Point & Bridge User’s Guide Version 3.50 5/2005...
Page 4: Interference Statements And Warnings
ZyAIR G-5100 User’s Guide Interference Statements and Warnings FCC Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations.
Page 5: Interference Statements And Warnings
ZyAIR G-5100 User’s Guide Certifications Go to www.zyxel.com 1 Select your product from the drop-down list box on the ZyXEL home page to go to that product's page. 2 Select the certification you wish to view from this page. Interference Statements and Warnings...
Page 6: Safety Warnings
ZyAIR G-5100 User’s Guide Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel can service the device.
Page 7 ZyAIR G-5100 User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During...
Page 8: Zyxel Limited Warranty
ZyAIR G-5100 User’s Guide Customer Support Please have the following information ready when you contact customer support. • Product model and serial number. • Warranty Information. • Date that you received your device. • Brief description of the problem and the steps you took to solve it.
Page 9: Customer Support
ZyAIR G-5100 User’s Guide METHOD SUPPORT E-MAIL TELEPHONE WEB SITE REGULAR MAIL SALES E-MAIL FTP SITE LOCATION support@zyxel.co.uk +44 (0) 8702 909090 www.zyxel.co.uk ZyXEL Communications UK Ltd.,11 The Courtyard, sales@zyxel.co.uk +44 (0) 8702 909091 ftp.zyxel.co.uk UNITED KINGDOM Eastern Road, Bracknell,...
Page 10 ZyAIR G-5100 User’s Guide Customer Support...
Page 11: Table Of Contents
ZyAIR G-5100 User’s Guide Table of Contents Copyright ........................3 Interference Statements and Warnings ..............4 Interference Statements and Warnings ..............5 Safety Warnings ....................... 7 ZyXEL Limited Warranty..................8 Customer Support....................9 Table of Contents ....................11 List of Figures ......................19 List of Tables ......................
Page 12 ZyAIR G-5100 User’s Guide 3.5 Basic Setup Complete ..................47 Chapter 4 System Screens ..................... 49 4.1 System Overview ....................49 4.2 General Screen ....................49 4.2.1 Domain Name ...................49 4.2.2 DNS Server Address Assignment .............49 4.3 Configuring General Setup .................50 4.4 Configuring Password ..................51 4.5 Configuring Time Setting ...................52...
Page 13 ZyAIR G-5100 User’s Guide Chapter 6 Internal RADIUS Server ..................81 6.1 Internal RADIUS Overview .................81 6.2 Internal RADIUS Server Setting .................82 6.3 Trusted AP Overview ..................84 6.4 Configuring Trusted AP ..................85 6.5 Trusted Users Overview ..................86 6.6 Configuring Trusted Users .................86 Chapter 7 VLAN ........................
Page 14 ZyAIR G-5100 User’s Guide Chapter 11 Maintenance ......................119 11.1 Maintenance Overview ...................119 11.2 System Status Screen ..................119 11.2.1 System Statistics ...................120 11.3 Association List ....................121 11.4 Channel Usage ....................122 11.5 F/W Upload Screen ..................123 11.6 Configuration Screen ..................126 11.6.1 Backup Configuration ................127 11.6.2 Restore Configuration ................128...
Page 15 ZyAIR G-5100 User’s Guide Chapter 16 VLAN Setup ......................151 16.1 VLAN Setup ....................151 Chapter 17 SNMP Configuration .................... 153 17.1 About SNMP ....................153 17.2 Supported MIBs ....................154 17.3 SNMP Configuration ..................154 17.4 SNMP Traps ....................155 Chapter 18 System Security ....................157 18.1 System Security .....................157...
Page 16 ZyAIR G-5100 User’s Guide 20.4.4 TFTP File Upload ..................177 20.4.5 Example: TFTP Command ..............177 20.4.6 Uploading Via Console Port ..............178 20.4.7 Uploading Firmware File Via Console Port ...........178 20.4.8 Example Xmodem Firmware Upload Using HyperTerminal ....178 20.4.9 Uploading Configuration File Via Console Port ........179 20.4.10 Example Xmodem Configuration Upload Using HyperTerminal ..180...
Page 17 ZyAIR G-5100 User’s Guide Appendix I Command Interpreter................... 245 Appendix J Brute-Force Password Guessing Protection............. 247 Appendix K Log Descriptions....................249 Index........................253 Table of Contents...
Page 18 ZyAIR G-5100 User’s Guide Table of Contents...
Page 19: List Of Figures
ZyAIR G-5100 User’s Guide List of Figures Figure 1 PoE Installation Example ................. 30 Figure 2 WDS Functionality Example ..............30 Figure 3 Access Point Application ................34 Figure 4 AP+Bridge Application ................34 Figure 5 Bridge Application ..................35 Figure 6 Repeater Application ................
Page 20 ZyAIR G-5100 User’s Guide Figure 39 Trusted AP Screen ................. 85 Figure 40 Trusted Users Screen ................87 Figure 41 VLAN ...................... 90 Figure 42 IP Setup ....................93 Figure 43 Certificate Configuration Overview ............96 Figure 44 My Certificates ..................97 Figure 45 My Certificate Import ................
Page 21 ZyAIR G-5100 User’s Guide Figure 82 Menu 14- Dial-in User Setup ..............149 Figure 83 Menu 14.1- Edit Dial-in User ..............149 Figure 84 Menu 16 VLAN Setup ................151 Figure 85 SNMP Management Model ..............153 Figure 86 Menu 22 SNMP Configuration .............. 154 Figure 87 Menu 23 System Security ..............
Page 22 ZyAIR G-5100 User’s Guide Figure 125 Windows XP: Local Area Connection Properties ......... 206 Figure 126 Windows XP: Internet Protocol (TCP/IP) Properties ......207 Figure 127 Windows XP: Advanced TCP/IP Properties ......... 208 Figure 128 Windows XP: Internet Protocol (TCP/IP) Properties ......209 Figure 129 Macintosh OS 8/9: Apple Menu ............
Page 23: List Of Tables
ZyAIR G-5100 User’s Guide List of Tables Table 1 IEEE 802.11g .................... 31 Table 2 IEEE 802.11b .................... 31 Table 3 Screens Summary ..................40 Table 4 Wizard: General Setup ................44 Table 5 Wizard: Wireless LAN Setup ..............45 Table 6 Wizard: IP Address Assignment ...............
Page 24 ZyAIR G-5100 User’s Guide Table 39 Association List ..................122 Table 40 Channel Usage ..................123 Table 41 Firmware Upload ..................124 Table 42 Restore Configuration ................128 Table 43 Main Menu Commands ................133 Table 44 Main Menu Summary ................134 Table 45 SMT Menus Overview ................
Page 25 ZyAIR G-5100 User’s Guide Table 82 Current Consumption ................193 Table 83 Approvals ....................194 Table 84 Packaging Specifications ................ 197 Table 85 Mounting Hardware Specifications ............197 Table 86 Power over Ethernet Injector Specifications .......... 199 Table 87 Power over Ethernet Injector RJ-45 Port Pin Assignments ....199 Table 88 Classes of IP Addresses ................
Page 26 ZyAIR G-5100 User’s Guide List of Tables...
Page 27: Preface
ZyAIR G-5100 User’s Guide Preface Congratulations on your purchase of the ZyAIR G-5100 Outdoor 802.11g Business Access Point/Bridge/Repeater. The ZyAIR is an Access Point (AP) through which wireless stations can communicate and/or access a wired network. The ZyAIR can also function as a wireless network bridge/repeater and establish wireless links with other APs.
Page 28 • For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for “that is” or “in other words” throughout this manual. • The ZyAIR G-5100 may be referred to simply as the ZyAIR in the user’s guide. Graphics Icons Key...
Page 29: Getting To Know Your Zyair
Power over Ethernet (PoE) is the ability to provide power to your ZyAIR via an 8-pin CAT 5 Ethernet cable, eliminating the need for a nearby power source. The ZyAIR G-5100 includes a special high current power injector that allows the ZyAIR to be located farther away. This feature allows increased flexibility in the locating of your ZyAIR.
Page 30: Figure 1 Poe Installation Example
ZyAIR G-5100 User’s Guide Figure 1 PoE Installation Example Wi-Fi Protected Access Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. Key differences between WPA and WEP are user authentication and improved data encryption. WDS Functionality A Distribution System (DS) is a wired connection between two or more APs, while a Wireless Distribution System (WDS) is a wireless connection.
Page 31: Table 1 Ieee 802.11G
ZyAIR G-5100 User’s Guide IEEE 802.11g Wireless LAN Standard The ZyAIR complies with the IEEE 802.11g wireless standard. IEEE 802.11g has several intermediate rate steps between the maximum and minimum data rates. The IEEE 802.11g data rate and modulation are as follows. The modulation technique defines how bits are encoded onto radio waves.
Page 32: Vpn Passthrough
ZyAIR G-5100 User’s Guide VPN Passthrough VPN (Virtual Private Network) connections use data encryption to provide secure communications over unsecure networks (like the Internet). The ZyAIR allows VPN connections to go through it. Wireless LAN MAC Address Filtering Your ZyAIR checks the MAC address of the wireless station against a list of allowed or denied MAC addresses.
Page 33: Applications For The Zyair
ZyAIR G-5100 User’s Guide Vantage WLC 200 Manageable You can use the Vantage WLC 200 (not included) for centralized management of multiple ZyAIRs. Logging and Tracing • Built-in message logging and packet tracing. • Syslog facility support. Embedded FTP and TFTP Servers The ZyAIR’s embedded FTP and TFTP servers enable fast firmware upgrades as well as...
Page 34: Ap + Bridge
ZyAIR G-5100 User’s Guide Figure 3 Access Point Application 1.3.2 AP + Bridge In AP+Bridge mode, the ZyAIR supports both AP connections (A and B can connect to the wired network through X) and bridge connections (X can communicate with Y) at the same time.
Page 35: Bridge / Repeater
ZyAIR G-5100 User’s Guide 1.3.3 Bridge / Repeater The ZyAIR can act as a wireless network bridge and establish wireless links with other APs. In bridge mode, the ZyAIRs (see A and B in Figure 5 on page 35) are connected to independent wired networks and have a bridge (A can communicate with B) connection at the same time.
Page 36: Figure 6 Repeater Application
ZyAIR G-5100 User’s Guide Figure 6 Repeater Application Chapter 1 Getting to Know Your ZyAIR...
Page 37: Introducing The Web Configurator
ZyAIR G-5100 User’s Guide H A P T E R Introducing the Web Configurator This chapter describes how to access the ZyAIR web configurator and provides an overview of its screens. 2.1 Web Configurator Overview The embedded web configurator allows you to manage the ZyAIR from anywhere through a browser such as Microsoft Internet Explorer.
Page 38: Resetting The Zyair
ZyAIR G-5100 User’s Guide Figure 7 Change Password Screen 7 Click Apply in the Replace Certificate screen to create a certificate using your ZyAIR’s MAC address that will be specific to this device. Figure 8 Replace Certificate Screen. 8 You should now see the MAIN MENU screen (see Figure 10 on page 40).
Page 39: Navigating The Zyair Web Configurator
ZyAIR G-5100 User’s Guide Obtain the default configuration file, unzip it and save it in a folder. Use a console cable to connect a computer with terminal emulation software to the ZyAIR’s console port. Turn the ZyAIR off and then on to begin a session. When you turn on the ZyAIR again, you will see the initial screen.
Page 40: Figure 10 The Main Menu Screen Of The Web Configurator
ZyAIR G-5100 User’s Guide Figure 10 The MAIN MENU Screen of the Web Configurator Use submenus to configure ZyAIR features. Click LOGOUT at any time to exit the web configurator. The following table describes the sub-menus. Table 3 Screens Summary...
Page 41 ZyAIR G-5100 User’s Guide Table 3 Screens Summary (continued) LINK FUNCTION AUTH. SERVER Setting Configure this screen to use the internal server to authenticate wireless users. Trusted AP Configure this screen to allow specified AP’s to communicate with the ZyAIR.
Page 42 ZyAIR G-5100 User’s Guide Chapter 2 Introducing the Web Configurator...
Page 43: Chapter 3 Wizard Setup
ZyAIR G-5100 User’s Guide H A P T E R Wizard Setup This chapter provides information on the WIZARD SETUP screens in the web configurator. 3.1 Wizard Setup Overview The web configurator’s setup wizard helps you configure your ZyAIR for wireless stations to access your wired LAN.
Page 44: Wizard Setup: Wireless Lan
ZyAIR G-5100 User’s Guide Table 4 Wizard: General Setup LABEL DESCRIPTION System Name It is recommended you type your computer's "Computer name". In Windows 95/98 click Start, Settings, Control Panel, Network. Click the Identification tab, note the entry for the Computer Name field and enter it as the System Name.
Page 45: Figure 12 Wizard: Wireless Lan Setup
ZyAIR G-5100 User’s Guide Figure 12 Wizard: Wireless LAN Setup The following table describes the labels in this screen. Table 5 Wizard: Wireless LAN Setup LABEL DESCRIPTION Wireless LAN Setup WLAN Adapter Select which WLAN adapter you want to configure (WLAN 1 recommended).
Page 46: Wizard Setup: Ip Address Assignment
ZyAIR G-5100 User’s Guide Table 5 Wizard: Wireless LAN Setup LABEL DESCRIPTION Key 1 to Key 4 The WEP keys are used to encrypt data. Both the ZyAIR and the wireless stations must use the same WEP key. If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F").
Page 47: Basic Setup Complete
ZyAIR G-5100 User’s Guide Table 6 Wizard: IP Address Assignment LABEL DESCRIPTION IP Address Enter the IP address of your ZyAIR in dotted decimal notation. Note: If you changed the ZyAIR's IP address, you must use the new IP address if you want to access the web configurator again.
Page 48: Figure 16 Wizard: Setup Complete
ZyAIR G-5100 User’s Guide Figure 16 Wizard: Setup Complete Well done! You have set up your ZyAIR to operate on your network and access the Internet. Chapter 3 Wizard Setup...
Page 49: Chapter 4 System Screens
ZyAIR G-5100 User’s Guide H A P T E R System Screens This section provides information on general system setup. 4.1 System Overview This chapter describes how to configure the ZyAIR’s general, DNS, password and time settings. 4.2 General Screen The General screen contains administrative and system-related information.
Page 50: Configuring General Setup
ZyAIR G-5100 User’s Guide 4.3 Configuring General Setup Click the SYSTEM link under ADVANCED to open the General screen. Figure 17 System General The following table describes the labels in this screen. Table 7 System General Setup LABEL DESCRIPTION General Setup System Name Type a descriptive name to identify the ZyAIR in the Ethernet network.
Page 51: Configuring Password
ZyAIR G-5100 User’s Guide Table 7 System General Setup (continued) LABEL DESCRIPTION First DNS Server Select From DHCP if your ISP dynamically assigns DNS server information. The field to the right displays the (read-only) DNS server IP address that the Second DNS Server DHCP assigns.
Page 52: Configuring Time Setting
ZyAIR G-5100 User’s Guide Table 8 Password LABEL DESCRIPTIONS Old Password Type in your existing system password (1234 is the default password). New Password Type your new system password (up to 31 characters). Note that as you type a password, the screen displays an asterisk (*) for each character you type.
Page 53: Table 9 Time Setting
ZyAIR G-5100 User’s Guide The following table describes the labels in this screen. Table 9 Time Setting LABEL DESCRIPTION Time Protocol Select the time service protocol that your time server uses. Not all time servers support all protocols, so you may have to check with your ISP/network administrator or use trial and error to find a protocol that works.
Page 54 ZyAIR G-5100 User’s Guide Chapter 4 System Screens...
Page 55: Chapter 5 Wireless Lan
ZyAIR G-5100 User’s Guide H A P T E R Wireless LAN This chapter discusses how to configure wireless LAN. 5.1 Introduction A wireless LAN can be as simple as two computers with wireless LAN adapters communicating in a peer-to-peer network or as complex as a number of computers with wireless LAN adapters communicating through access points which bridge network traffic to the wired LAN.
Page 56: Restricted Access
ZyAIR G-5100 User’s Guide • Use the Local User Database if you have less than 32 wireless clients in your network. The ZyAIR uses MD5 encryption when a client authenticates with the Local User Database 5.2.3 Restricted Access The MAC Filter screen allows you to configure the AP to give exclusive access to devices (Allow Association) or exclude them from accessing the AP (Deny Association).
Page 57: Spanning Tree Protocol (Stp)
ZyAIR G-5100 User’s Guide 5.3 Spanning Tree Protocol (STP) STP detects and breaks network loops and provides backup links between switches, bridges or routers. It allows a bridge to interact with other STP-compliant bridges in your network to ensure that only one route exists between any two stations on the network.
Page 58: How Stp Works
ZyAIR G-5100 User’s Guide 5.3.3 How STP Works After a bridge determines the lowest cost-spanning tree with STP, it enables the root port and the ports that are the designated ports for connected LANs, and disables all other ports that participate in STP.
Page 59: Access Point Mode
ZyAIR G-5100 User’s Guide 5.5.1 Access Point Mode Select Access Point in the Operating Mode drop-down list box to display the screen as shown next. Figure 20 Wireless: Access Point The following table describes the general wireless LAN labels in this screen.
Page 60: Table 13 Wireless: Access Point
ZyAIR G-5100 User’s Guide Table 13 Wireless: Access Point LABEL DESCRIPTION WLAN Adapter Select which WLAN adapter you want to configure. It is recommended that you configure the first WLAN adapter for AP functions and use the second WLAN adapter for bridge functions.
Page 61 ZyAIR G-5100 User’s Guide Table 13 Wireless: Access Point (continued) LABEL DESCRIPTION Key 1 to Key 4 If you chose 64-bit WEP in the WEP Encryption field, then enter any 5 characters (ASCII string) or 10 hexadecimal characters ("0-9", "A-F") preceded by 0x for each key.
Page 62: Bridge/Repeater Mode
ZyAIR G-5100 User’s Guide Table 13 Wireless: Access Point (continued) LABEL DESCRIPTION VLAN ID The ZyAIR supports IEEE 802.1 tagged VLAN for partioning a physical network into multiple logical networks. Enter a number from 1 to 4094 to set the VLAN ID tag that the ZyAIR adds to the Ethernet frames that this WLAN adapter receives from wireless clients or other APs.
Page 63: Figure 22 Bridge Loop: Two Bridges Connected To Hub
ZyAIR G-5100 User’s Guide Figure 22 Bridge Loop: Two Bridges Connected to Hub If your ZyAIR (in bridge mode) is connected to a wired LAN while communicating with another wireless bridge that is also connected to the same wired LAN as shown next.
Page 64: Figure 24 Wireless: Bridge/Repeater
ZyAIR G-5100 User’s Guide Figure 24 Wireless: Bridge/Repeater The following table describes the labels in this screen that are specific to bridge/repeater mode. Table 14 Wireless: Bridge/Repeater LABEL DESCRIPTIONS WLAN Adapter Select which WLAN adapter you want to configure. It is recommended that you configure the first WLAN adapter for AP functions and use the second WLAN adapter for bridge functions.
Page 65: Ap+Bridge Mode
ZyAIR G-5100 User’s Guide Table 14 Wireless: Bridge/Repeater (continued) LABEL DESCRIPTIONS Active Select the check box to enable the bridge connection. Otherwise, clear the check box to disable it. Remote Bridge MAC Type the MAC address of the peer device in a valid MAC address format, that Address is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc.
Page 66: Figure 25 Wireless: Ap+Bridge
ZyAIR G-5100 User’s Guide Figure 25 Wireless: AP+Bridge Table 13 on page 60 Table 14 on page 64 descriptions of the fields in the Access Point and Bridge/Repeater operating modes for descriptions of the fields in this screen. Chapter 5 Wireless LAN...
Page 67: Configuring Mac Filters
ZyAIR G-5100 User’s Guide When you enable WEP encryption, you can also specify MAC addresses and pre-shared keys of peer bridges in order to use TKIP (see Appendix F on page 221 for more on TKIP) to encrypt traffic between the bridges.
Page 68: Figure 26 Mac Address Filter
ZyAIR G-5100 User’s Guide Figure 26 MAC Address Filter The following table describes the labels in this screen. Table 15 MAC Address Filter LABEL DESCRIPTION WLAN Adapter Select the WLAN adapter for which you want to configure MAC address filtering.
Page 69: Configuring Roaming
ZyAIR G-5100 User’s Guide Table 15 MAC Address Filter (continued) LABEL DESCRIPTION Filter Action Define the filter action for the list of MAC addresses in the MAC address filter table. Select Deny Association to block access to the router, MAC addresses not listed will be allowed to access the router.
Page 70: Requirements For Roaming
ZyAIR G-5100 User’s Guide Figure 27 Roaming Example The steps below describe the roaming process. 1 As wireless station Y moves from the coverage area of access point AP 1 to that of access point 2 AP 2, it scans and uses the signal of access point AP 2.
Page 71: Introduction To Wpa
ZyAIR G-5100 User’s Guide To enable roaming on your ZyAIR, click the WIRELESS link under ADVANCED and then the Roaming tab. The screen appears as shown. Figure 28 Roaming The following table describes the labels in this screen. Table 16 Roaming...
Page 72: Wpa With Radius Application Example
ZyAIR G-5100 User’s Guide 2 The AP checks each client’s password and (only) allows it to join the network if it matches its password. 3 The AP derives and distributes keys to the wireless clients. 4 The AP and wireless clients use the TKIP encryption process to encrypt data exchanged between them.
Page 73: Wireless Client Wpa Supplicants
ZyAIR G-5100 User’s Guide Figure 30 WPA with RADIUS Application Example 5.11 Wireless Client WPA Supplicants A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WPA. At the time of writing, the most widely available supplicant is the WPA patch for Windows XP, Funk Software's Odyssey client, and Meetinghouse Data Communications' AEGIS client.
Page 74: Authentication Required: 802.1X
ZyAIR G-5100 User’s Guide You see the next screen when you select No Access Allowed or No Authentication Required in the Wireless Port Control field. Figure 31 Wireless LAN: 802.1x/WPA The following table describes the labels in this screen. Table 17 Wireless LAN: 802.1x/WPA...
Page 75: Figure 32 Wireless Lan: 802.1X/Wpa For 802.1X Protocol
ZyAIR G-5100 User’s Guide Figure 32 Wireless LAN: 802.1x/WPA for 802.1x Protocol Chapter 5 Wireless LAN...
Page 76: Table 18 Wireless Lan: 802.1X/Wpa For 802.1X Protocol
ZyAIR G-5100 User’s Guide The following table describes the labels in this screen. Table 18 Wireless LAN: 802.1x/WPA for 802.1x Protocol LABEL DESCRIPTION Wireless Port To control wireless stations access to the wired network, select a control method Control from the drop-down list box. Choose from No Authentication Required, Authentication Required and No Access Allowed.
Page 77 ZyAIR G-5100 User’s Guide Table 18 Wireless LAN: 802.1x/WPA for 802.1x Protocol (continued) LABEL DESCRIPTION Authentication The ZyAIR will make three attempts to authenticate wireless users using the Server /Alternate authentication server before attempting to use the alternate authentication server.
Page 78: Authentication Required: Wpa
ZyAIR G-5100 User’s Guide 5.14 Authentication Required: WPA Select Authentication Required in the Wireless Port Control field and WPA in the Key Management Protocol field to display the next screen. Figure 33 Wireless LAN: 802.1x/WPA for WPA Protocol The following table describes the labels not previously discussed.
Page 79: Authentication Required: Wpa-Psk
ZyAIR G-5100 User’s Guide Table 19 Wireless LAN: 802.1x/WPA for WPA Protocol LABEL DESCRIPTIONS Key Management Choose WPA in this field. Protocol WPA Mixed Mode The ZyAIR can operate in WPA Mixed Mode, which supports both clients running WPA and clients running dynamic WEP key exchange with IEEE 802.1x in the same Wi-Fi network.
Page 80: Table 20 Wireless Lan: 802.1X/Wpa For Wpa-Psk Protocol
ZyAIR G-5100 User’s Guide The following table describes the labels not previously discussed. Table 20 Wireless LAN: 802.1x/WPA for WPA-PSK Protocol LABEL DESCRIPTION Key Management Choose WPA-PSK in this field. Protocol Pre-Shared Key The encryption mechanisms used for WPA and WPA-PSK are the same. The only difference between the two is that WPA-PSK uses a simple common password, instead of user-specific credentials.
Page 81: Internal Radius Server
ZyAIR G-5100 User’s Guide H A P T E R Internal RADIUS Server The ZyAIR can use its internal RADIUS server to authenticate wireless clients. It can also serve as a RADIUS server to authenticate other APs and their wireless clients. For more background information on RADIUS, see the Introduction to RADIUS section.
Page 82: Internal Radius Server Setting
ZyAIR G-5100 User’s Guide Figure 36 ZyAIR Authenticates Trusted APs ZyAIR as a RADIUS server Trusted AP’s Table 21 Internal RADIUS Server Screens Overview LABEL DESCRIPTION Setting Use the Setting screen to turn the ZyAIR’s internal RADIUS server off or on and to view information about the ZyAIR’s certificates.
Page 83: Figure 37 Internal Radius Server Setting Screen
ZyAIR G-5100 User’s Guide Figure 37 Internal RADIUS Server Setting Screen The following table describes the labels in this screen. Table 22 My Certificates LABEL DESCRIPTION Active Select the Active check box to have the ZyAIR use its internal RADIUS server to authenticate wireless clients or other APs.
Page 84: Trusted Ap Overview
ZyAIR G-5100 User’s Guide Table 22 My Certificates (continued) LABEL DESCRIPTION Issuer This field displays identifying information about the certificate’s issuing certification authority, such as a common name, organizational unit or department, organization or company and country. With self-signed certificates, this is the same information as in the Subject field.
Page 85: Configuring Trusted Ap
ZyAIR G-5100 User’s Guide 2 Configure wireless client user names and passwords in the Trusted Users database to use a trusted AP as a relay between the ZyAIR’s internal RADIUS server and the wireless clients. The wireless clients can then be authenticated by the ZyAIR’s internal RADIUS server.
Page 86: Trusted Users Overview
ZyAIR G-5100 User’s Guide Table 23 Trusted AP LABEL DESCRIPTION IP Address Type the IP address of the trusted AP in dotted decimal notation. Shared Secret Enter a password (up to 31 alphanumeric characters, no spaces) as the key for encrypting communications between the AP and the ZyAIR.
Page 87: Figure 40 Trusted Users Screen
ZyAIR G-5100 User’s Guide Figure 40 Trusted Users Screen The following table describes the labels in this screen. Table 24 Trusted Users LABEL DESCRIPTION This field displays the trusted user index number. Active Select this check box to have the ZyAIR authenticate wireless clients with the same user name and password activated on their wireless utilities.
Page 88 ZyAIR G-5100 User’s Guide Chapter 6 Internal RADIUS Server...
Page 89: Chapter 7 Vlan
ZyAIR G-5100 User’s Guide H A P T E R VLAN This chapter discusses how to configure VLAN on the ZyAIR 7.1 VLAN A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Stations on a logical network can belong to one or more groups.
Page 90: Figure 41 Vlan
ZyAIR G-5100 User’s Guide Figure 41 VLAN The following table describes the labels in this screen. Table 25 VLAN LABEL DESCRIPTION Enable VLAN Tagging Select this check box to turn on VLAN tagging. Use the Wireless screen to set the VLAN ID tag that the ZyAIR adds to the Ethernet frames that a WLAN adapter receives from wireless clients or APs.
Page 91: Chapter 8 Ip Screen
ZyAIR G-5100 User’s Guide H A P T E R IP Screen This chapter discusses how to configure IP on the ZyAIR 8.1 Factory Ethernet Defaults The Ethernet parameters of the ZyAIR are preset in the factory with the following values: 1 IP address of 192.168.1.2...
Page 92: Ip Address Assignment
ZyAIR G-5100 User’s Guide 8.2.1 IP Address Assignment Every computer on the Internet must have a unique IP address. If your networks are isolated from the Internet, for instance, only between your two branch offices, you can assign any IP addresses to the hosts without problems.
Page 93: Figure 42 Ip Setup
ZyAIR G-5100 User’s Guide Figure 42 IP Setup The following table describes the labels in this screen. Table 27 IP Setup LABEL DESCRIPTION IP Address Assignment Get automatically from Select this option to have the ZyAIR use a dynamically assigned IP address DHCP from a DHCP server.
Page 94 ZyAIR G-5100 User’s Guide Chapter 8 IP Screen...
Page 95: Chapter 9 Certificates
ZyAIR G-5100 User’s Guide H A P T E R Certificates This chapter gives background information about public-key certificates and explains how to use them. 9.1 Certificates Overview The ZyAIR can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs.
Page 96: Advantages Of Certificates
ZyAIR G-5100 User’s Guide 9.1.1 Advantages of Certificates Certificates offer the following benefits. • The ZyAIR only has to store the certificates of the certification authorities that you decide to trust, no matter how many devices you need to authenticate.
Page 97: Figure 44 My Certificates
ZyAIR G-5100 User’s Guide Figure 44 My Certificates The following table describes the labels in this screen. Table 28 My Certificates LABEL DESCRIPTION PKI Storage This bar displays the percentage of the ZyAIR’s PKI storage space that is currently Space in Use in use.
Page 98: Certificate File Formats
ZyAIR G-5100 User’s Guide Table 28 My Certificates (continued) LABEL DESCRIPTION Type This field displays what kind of certificate this is. REQ represents a certification request and is not yet a valid certificate. Send a certification request to a certification authority, which then issues a certificate. Use the My Certificate Import screen to import the certificate and replace the request.
Page 99: Importing A Certificate
ZyAIR G-5100 User’s Guide • Binary X.509: This is an ITU-T recommendation that defines the formats for X.509 certificates. • PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64 ASCII characters to convert a binary X.509 certificate into a printable form.
Page 100: Creating A Certificate
ZyAIR G-5100 User’s Guide Table 29 My Certificate Import LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse to find it. Browse Click Browse to find the certificate file you want to upload.
Page 101: Figure 46 My Certificate Create
ZyAIR G-5100 User’s Guide Figure 46 My Certificate Create The following table describes the labels in this screen. Table 30 My Certificate Create LABEL DESCRIPTION Certificate Name Type up to 31 ASCII characters (not including spaces) to identify this certificate.
Page 102 ZyAIR G-5100 User’s Guide Table 30 My Certificate Create (continued) LABEL DESCRIPTION Organizational Unit Type up to 127 characters to identify the organizational unit or department to which the certificate owner belongs. You may use any character, including spaces, but the ZyAIR drops trailing spaces.
Page 103: My Certificate Details
ZyAIR G-5100 User’s Guide Table 30 My Certificate Create (continued) LABEL DESCRIPTION Type the key that the certification authority gave you. Apply Click Apply to begin certificate or certification request generation. Cancel Click Cancel to quit and return to the My Certificates screen.
Page 104: Figure 47 My Certificate Details
ZyAIR G-5100 User’s Guide Figure 47 My Certificate Details Chapter 9 Certificates...
Page 105: Table 31 My Certificate Details
ZyAIR G-5100 User’s Guide The following table describes the labels in this screen. Table 31 My Certificate Details LABEL DESCRIPTION Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this certificate. You may use any character (not including spaces).
Page 106: Trusted Cas
ZyAIR G-5100 User’s Guide Table 31 My Certificate Details (continued) LABEL DESCRIPTION Subject Alternative This field displays the certificate owner‘s IP address (IP), domain name (DNS) or Name e-mail address (EMAIL). Key Usage This field displays for what functions the certificate’s key can be used. For example, “DigitalSignature”...
Page 107: Figure 48 Trusted Cas
ZyAIR G-5100 User’s Guide Figure 48 Trusted CAs The following table describes the labels in this screen. Table 32 Trusted CAs LABEL DESCRIPTION PKI Storage This bar displays the percentage of the ZyAIR’s PKI storage space that is currently Space in Use in use.
Page 108: Importing A Trusted Ca's Certificate
ZyAIR G-5100 User’s Guide Table 32 Trusted CAs (continued) LABEL DESCRIPTION CRL Issuer This field displays Yes if the certification authority issues Certificate Revocation Lists for the certificates that it has issued and you have selected the Issues certificate revocation lists (CRL) check box in the certificate’s details screen to have the ZyAIR check the CRL before trusting any certificates issued by the certification authority.
Page 109: Trusted Ca Certificate Details
ZyAIR G-5100 User’s Guide Figure 49 Trusted CA Import The following table describes the labels in this screen. Table 33 Trusted CA Import LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse to find it.
Page 110: Figure 50 Trusted Ca Details
ZyAIR G-5100 User’s Guide Figure 50 Trusted CA Details Chapter 9 Certificates...
Page 111: Table 34 Trusted Ca Details
ZyAIR G-5100 User’s Guide The following table describes the labels in this screen. Table 34 Trusted CA Details LABEL DESCRIPTION Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this key certificate. You may use any character (not including spaces).
Page 112 ZyAIR G-5100 User’s Guide Table 34 Trusted CA Details (continued) LABEL DESCRIPTION Subject Alternative This field displays the certificate’s owner‘s IP address (IP), domain name (DNS) Name or e-mail address (EMAIL). Key Usage This field displays for what functions the certificate’s key can be used. For example, “DigitalSignature”...
Page 113: Chapter 10 Log Screens
ZyAIR G-5100 User’s Guide H A P T E R Log Screens This chapter contains information about configuring general log settings and viewing the ZyAIR’s logs. Refer to Appendix K on page 249 for example log message explanations. 10.1 Configuring View Log The web configurator allows you to look at all of the ZyAIR’s logs in one location.
Page 114: Figure 51 View Log
ZyAIR G-5100 User’s Guide Figure 51 View Log The following table describes the labels in this screen. Table 35 View Log LABEL DESCRIPTION Display Select a log category from the drop down list box to display logs within the selected category. To view all logs, select All Logs.
Page 115: Configuring Log Settings
ZyAIR G-5100 User’s Guide Table 35 View Log (continued) LABEL DESCRIPTION Destination This field lists the destination IP address and the port number of the incoming packet. Notes This field displays additional information about the log entry. 10.2 Configuring Log Settings To change your ZyAIR’s log settings, click LOGS and then Log Settings.
Page 116: Figure 52 Log Settings
ZyAIR G-5100 User’s Guide Figure 52 Log Settings The following table describes the labels in this screen. Table 36 Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below.
Page 117 ZyAIR G-5100 User’s Guide Table 36 Log Settings (continued) LABEL DESCRIPTION Send Log to Logs are sent to the e-mail address specified in this field. If this field is left blank, logs will not be sent via e-mail. Send Alerts to Enter the e-mail address where the alert messages will be sent.
Page 118 ZyAIR G-5100 User’s Guide Chapter 10 Log Screens...
Page 119: Chapter 11 Maintenance
ZyAIR G-5100 User’s Guide H A P T E R Maintenance This chapter displays system information such as ZyNOS firmware, port IP addresses and port traffic statistics. 11.1 Maintenance Overview The maintenance screens can help you view system information, upload new firmware, manage configuration and restart your ZyAIR.
Page 120: System Statistics
ZyAIR G-5100 User’s Guide Table 37 System Status (continued) LABEL DESCRIPTION IP Address This is the Ethernet port IP address. IP Subnet Mask This is the Ethernet port subnet mask. DHCP This is the Ethernet port DHCP role - Client or None.
Page 121: Association List
ZyAIR G-5100 User’s Guide Table 38 System Status: Show Statistics (continued) LABEL DESCRIPTION Collisions This is the number of collisions on this port. Tx B/s This shows the transmission speed in bytes per second on this port. Rx B/s This shows the reception speed in bytes per second on this port.
Page 122: Channel Usage
ZyAIR G-5100 User’s Guide Table 39 Association List LABEL DESCRIPTION WLAN 1, 2 This identifies the WLAN adapter to which the list of wireless clients is associated. This is the index number of an associated wireless station. MAC Address This field displays the MAC address of an associated wireless station.
Page 123: F/W Upload Screen
ZyAIR G-5100 User’s Guide Table 40 Channel Usage LABEL DESCRIPTION SSID This is the Service Set IDentification name of the AP in an Infrastructure wireless network or wireless station in an Ad-Hoc wireless network. For our purposes, we define an Infrastructure network as a wireless network that uses an AP and an Ad-Hoc network (also known as Independent Basic Service Set (IBSS)) as one that doesn’t.
Page 124: Figure 57 Firmware Upload
ZyAIR G-5100 User’s Guide Figure 57 Firmware Upload The following table describes the labels in this screen. Table 41 Firmware Upload LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ...
Page 125: Figure 58 Firmware Upload In Process
ZyAIR G-5100 User’s Guide Figure 58 Firmware Upload In Process The ZyAIR automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 59 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the System Status screen.
Page 126: Configuration Screen
ZyAIR G-5100 User’s Guide Figure 60 Firmware Upload Error 11.6 Configuration Screen Chapter 20 on page 169 for transferring configuration files using FTP/TFTP commands. Click MAINTENANCE, and then the Configuration tab. Information related to backing up configuration, restoring configuration and restoring factory defaults appears as shown next.
Page 127: Backup Configuration
ZyAIR G-5100 User’s Guide Figure 61 Configuration 11.6.1 Backup Configuration Backup configuration allows you to back up (save) the ZyAIR’s current configuration to a file on your computer. Once your ZyAIR is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes.
Page 128: Restore Configuration
ZyAIR G-5100 User’s Guide 11.6.2 Restore Configuration Restore configuration allows you to upload a new or previously saved configuration file from your computer to your ZyAIR. Table 42 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ...
Page 129: Back To Factory Defaults
ZyAIR G-5100 User’s Guide Figure 64 Configuration Upload Error 11.6.3 Back to Factory Defaults Click the Reset button in this section to clear all user-entered configuration information and returns the ZyAIR to its factory defaults as shown on the screen. The following warning screen will appear.
Page 130: Figure 66 Restart Screen
ZyAIR G-5100 User’s Guide Figure 66 Restart Screen Chapter 11 Maintenance...
Page 131: Chapter 12 Introducing The Smt
ZyAIR G-5100 User’s Guide H A P T E R Introducing the SMT This chapter describes how to access the SMT and provides an overview of its menus 12.1 Introduction to the SMT The ZyAIR’s SMT (System Management Terminal) is a menu-driven interface that you can access from a terminal emulator through the console port or over a telnet connection.
Page 132: Entering The Password
Version: ZyAIR G-5100, start: 5012c030 Length: 46312C, Checksum: 4F98 Compressed Length: 161B28, Checksum: ED83 Copyright (c) 1994 - 2005 ZyXEL Communications Corp. initialize ch =0, ethernet address: 00:A0:C5:62:B0:DB initialize ch =1, ethernet address: 00:A0:C5:62:B0:DB initialize ch =2, ethernet address: 00:A0:C5:62:B0:DC...
Page 133: Accessing The Smt Via Telnet
ZyAIR G-5100 User’s Guide 12.3 Accessing the SMT via Telnet The following procedure details how to telnet into your ZyAIR. 1 In Windows, click Start (usually in the bottom left corner), Run and then type “telnet 192.168.1.2” (the default IP address) and click OK.
Page 134: System Management Terminal Interface Summary
SMT interface. After you enter the password, the SMT displays the main menu, as shown next. Figure 70 SMT Main Menu Copyright (c) 1994 - 2005 ZyXEL Communications Corp. ZyAIR G-5100 Main Menu Getting Started Advanced Management 1. General Setup 22.
Page 135: Smt Menus Overview
ZyAIR G-5100 User’s Guide Table 44 Main Menu Summary (continued) MENU TITLE DESCRIPTION System Security Use this menu to change your password and enable network user authentication. System Maintenance This menu provides system status, diagnostics, software upload, etc. Exit Use this to exit from SMT and return to a blank screen.
Page 136: Changing The System Password
ZyAIR G-5100 User’s Guide 12.5 Changing the System Password Change the ZyAIR default password by following the steps shown next. 1 From the main menu, enter 23 to display Menu 23 – System Security. 2 Enter 1 to display Menu 23.1 – System Security – Change Password as shown next.
Page 137: Chapter 13 General Setup
ZyAIR G-5100 User’s Guide H A P T E R General Setup The chapter shows you the information on general setup. 13.1 General Setup Menu 1 – General Setup contains administrative and system-related information (shown next). The System Name field is for identification purposes. It is recommended you type your computer's "Computer name".
Page 138: Table 46 Menu 1 General Setup
ZyAIR G-5100 User’s Guide Fill in the required fields. Refer to the following table for more information about these fields. Table 46 Menu 1 General Setup FIELD DESCRIPTION System Name Choose a descriptive name for identification purposes. This name can be up to 30 alphanumeric characters long.
Page 139: Chapter 14 Lan Setup
ZyAIR G-5100 User’s Guide H A P T E R LAN Setup This chapter shows you how to configure the LAN on your ZyAIR. 14.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 – LAN Setup. From the main menu, enter 3 to display menu 3.
Page 140: Wireless Lan Setup
ZyAIR G-5100 User’s Guide Figure 74 Menu 3.2 TCP/IP Setup Menu 3.2 - TCP/IP Setup IP Address Assignment= Static IP Address= 192.168.1.2 IP Subnet Mask= 255.255.255.0 Gateway IP Address= 0.0.0.0 Follow the instructions in the following table on how to configure the fields in this menu.
Page 141: Figure 75 Menu 3.5 Wireless Lan Setup
ZyAIR G-5100 User’s Guide Figure 75 Menu 3.5 Wireless LAN Setup Menu 3.5 - Wireless LAN Setup WLAN Adapter= WLAN 1 Operating Mode= Access Point Name (SSID)= ZyXEL Hide Name (SSID)= No Edit MAC Address Filter= No Channel ID= CH06 2437MHz...
Page 142 ZyAIR G-5100 User’s Guide Table 48 Menu 3.5 Wireless LAN Setup (continued) FIELD DESCRIPTION Key 1 to Key 4 The WEP keys are used to encrypt data. Both the ZyAIR and the wireless stations must use the same WEP key for data transmission.
Page 143: Configuring Mac Address Filter
ZyAIR G-5100 User’s Guide 14.3.1 Configuring MAC Address Filter Your ZyAIR checks the MAC address of the wireless station device against a list of allowed or denied MAC addresses. However, intruders could fake allowed MAC addresses so MAC- based authentication is less secure than EAP authentication.
Page 144: Configuring Roaming
ZyAIR G-5100 User’s Guide Figure 77 Menu 3.5.1 WLAN MAC Address Filter Menu 3.5.1 - WLAN MAC Address Filter Active= No Filter Action= Allowed Association ------------------------------------------------------------------------------ 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00...
Page 145: Figure 78 Menu 3.5 Wireless Lan Setup
ZyAIR G-5100 User’s Guide Figure 78 Menu 3.5 Wireless LAN Setup Menu 3.5 - Wireless LAN Setup Operating Mode= Access Point Name (SSID)= ZyXEL Hide Name (SSID)= No Edit MAC Address Filter= No Channel ID= CH06 2437MHz Edit Roaming Configuration= No...
Page 146: Configuring Bridge Link
ZyAIR G-5100 User’s Guide Table 50 Menu 3.5.2 - Roaming Configuration FIELD DESCRIPTION Active Press [SPACE BAR] to select Yes from the drop-down list box to enable roaming on the ZyAIR if you have two or more ZyAIRs on the same subnet.
Page 147: Figure 81 Menu 3.5.4 - Bridge Link Configuration
ZyAIR G-5100 User’s Guide 4 Move the cursor to the Edit Bridge Link Configuration field. Press [SPACE BAR] to select Yes and press [ENTER]. Menu 3.5.4 – Bridge Link Configuration displays as shown next. Figure 81 Menu 3.5.4 - Bridge Link Configuration Menu 3.5.4 - Bridge Link Configuration...
Page 148 ZyAIR G-5100 User’s Guide Chapter 14 LAN Setup...
Page 149: Chapter 15 Dial-In User Setup
ZyAIR G-5100 User’s Guide H A P T E R Dial-in User Setup This chapter shows you how to create user accounts on the ZyAIR. 15.1 Dial-in User Setup By storing user profiles locally, your ZyAIR is able to authenticate wireless users without interacting with a network RADIUS server.
Page 150: Table 52 Menu 14.1- Edit Dial-In User
ZyAIR G-5100 User’s Guide Table 52 Menu 14.1- Edit Dial-in User FIELD DESCRIPTION User Name Enter a username up to 31 alphanumeric characters long for this user profile. This field is case sensitive. Active Press [SPACE BAR] to select Yes and press [ENTER] to enable the user profile.
Page 151: Chapter 16 Vlan Setup
ZyAIR G-5100 User’s Guide H A P T E R VLAN Setup This chapter explains VLAN setup menu 16. Refer to the web configurator VLAN chapter for background information on VLAN. 16.1 VLAN Setup To setup VLAN, select option 16 from the main menu to open Menu 16 – VLAN Setup as shown next.
Page 152 ZyAIR G-5100 User’s Guide Chapter 16 VLAN Setup...
Page 153: Chapter 17 Snmp Configuration
ZyAIR G-5100 User’s Guide H A P T E R SNMP Configuration This chapter explains SNMP Configuration menu 22. 17.1 About SNMP Simple Network Management Protocol is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your ZyAIR supports SNMP agent functionality, which allows a manager station to manage and monitor the ZyAIR through the network.
Page 154: Supported Mibs
ZyAIR G-5100 User’s Guide The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include the number of packets received, node port status etc. A Management Information Base (MIB) is a collection of managed objects.
Page 155: Snmp Traps
ZyAIR G-5100 User’s Guide Table 54 Menu 22 SNMP Configuration FIELD DESCRIPTION SNMP: Get Community Type the Get Community, which is the password for the incoming Get- and GetNext requests from the management station. Set Community Type the Set Community, which is the password for incoming Set requests from the management station.
Page 156 ZyAIR G-5100 User’s Guide Chapter 17 SNMP Configuration...
Page 157: Chapter 18 System Security
ZyAIR G-5100 User’s Guide H A P T E R System Security This chapter describes how to configure the system security on the ZyAIR. 18.1 System Security You can configure the system password, an external RADIUS server and 802.1x in this menu.
Page 158: Figure 89 Menu 23.2 System Security: Radius Server
ZyAIR G-5100 User’s Guide From Menu 23- System Security, enter 2 to display Menu 23.2 – System Security – RADIUS Server as shown next. Figure 89 Menu 23.2 System Security: RADIUS Server Menu 23.2 - System Security - RADIUS Server...
Page 159: 159
ZyAIR G-5100 User’s Guide Table 57 Menu 23.2 System Security: RADIUS Server (continued) FIELD DESCRIPTION Shared Secret Specify a password (up to 31 alphanumeric characters) as the key to be shared between the external accounting server and the access points.
Page 160: Figure 91 Menu 23.4 System Security: Ieee802.1X
ZyAIR G-5100 User’s Guide Figure 91 Menu 23.4 System Security: IEEE802.1x Menu 23.4 - System Security - IEEE802.1x Wireless Port Control= Authentication Required ReAuthentication Timer (in second)= 1800 Idle Timeout (in second)= 3600 Key Management Protocol= 802.1x Dynamic WEP Key Exchange= 128-bit WEP...
Page 161 ZyAIR G-5100 User’s Guide Table 58 Menu 23.4 System Security: IEEE802.1x (continued) FIELD DESCRIPTION Dynamic WEP Key This field is activated only when you select Authentication Required in the Exchange Wireless Port Control field. Also set the Authentication Databases field to RADIUS Only.
Page 162 ZyAIR G-5100 User’s Guide Chapter 18 System Security...
Page 163: System Information And Diagnosis
ZyAIR G-5100 User’s Guide H A P T E R System Information and Diagnosis This chapter covers the information and diagnostic tools in SMT menus 24.1 to 24.4. These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software.
Page 164: Figure 93 Menu 24.1 System Maintenance: Status
This is the time the ZyAIR is up and running from the last reboot. ZyNOS F/W Refers to the ZyNOS (ZyXEL Network Operating System) system firmware Version version. ZyNOS is a registered trademark of ZyXEL Communications Corporation. Name This displays the device name.
Page 165: System Information
ZyAIR G-5100 User’s Guide 19.2 System Information To get to the System Information: 1 Enter 24 to display Menu 24 – System Maintenance. 2 Enter 2 to display Menu 24.2 – System Information and Console Port Speed. 3 From this menu you have two choices as shown in the next figure: Figure 94 Menu 24.2 System Information and Console Port Speed...
Page 166: Console Port Speed
Routing Refers to the routing protocol used. ZyNOS F/W Version Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. ZyNOS is a registered trademark of ZyXEL Communications Corporation. Country Code Refers to the country code of the firmware.
Page 167: Viewing Error Log
ZyAIR G-5100 User’s Guide 19.3.1 Viewing Error Log The first place you should look for clues when something goes wrong is the error log. Follow the procedures to view the local error/trace log: 1 Type 24 in the main menu to display Menu 24 – System Maintenance.
Page 168: Figure 99 Menu 24.4 System Maintenance: Diagnostic
ZyAIR G-5100 User’s Guide Figure 99 Menu 24.4 System Maintenance: Diagnostic Menu 24.4 - System Maintenance - Diagnostic TCP/IP 1. Ping Host 2. DHCP Release 3. DHCP Renewal System 11. Reboot System Enter Menu Selection Number: Host IP Address= N/A Follow the procedure next to get to display this menu: 1 From the main menu, type 24 to open Menu 24 –...
Page 169: Firmware And Configuration File Maintenance
ZyAIR G-5100 User’s Guide H A P T E R Firmware and Configuration File Maintenance This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files using the SMT screens.
Page 170: Backup Configuration
ZyAIR G-5100 User’s Guide The following table is a summary. Please note that the internal filename refers to the filename on the ZyAIR and the external filename refers to the filename not on the ZyAIR, that is, on your computer, local network or FTP site and so the name (but not the extension) will vary.
Page 171: Using The Ftp Command From The Dos Prompt
ZyAIR G-5100 User’s Guide 20.2.2 Using the FTP command from the DOS Prompt 1 Launch the FTP client on your computer. 2 Enter “open” and the IP address of your ZyAIR. 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested. The default is 1234.
Page 172: Backup Configuration Using Tftp
ZyAIR G-5100 User’s Guide 20.2.3 Backup Configuration Using TFTP The ZyAIR supports the up/downloading of the firmware and the configuration file using TFTP (Trivial File Transfer Protocol) over Ethernet. To use TFTP, your computer must have both telnet and TFTP clients. To backup the configuration file, follow the procedure shown next: 1 Use telnet from your computer to connect to the ZyAIR and log in.
Page 173: Backup Via Console Port
ZyAIR G-5100 User’s Guide Table 64 General Commands for Third Party TFTP Clients (continued) COMMAND DESCRIPTION Local File Enter the path and name of the firmware file (*.bin extension) or configuration file (*.rom extension) on your computer. Remote File This is the filename on the ZyAIR. The filename for the firmware is “ras” and for the configuration file, is “rom-0”.
Page 174: Restore Configuration
ZyAIR G-5100 User’s Guide Figure 105 Successful Backup Confirmation Screen ** Backup Configuration completed. OK. ### Hit any key to continue.### 20.3 Restore Configuration Menu 24.6 –- System Maintenance – Restore Configuration allows you to restore the configuration via FTP or TFTP to your ZyAIR. The preferred method is FTP. Note that this function erases the current configuration before restoring the previous backup configuration;...
Page 175: Firmware Upload
ZyAIR G-5100 User’s Guide Note: WARNING! PLEASE WAIT A FEW MINUTES FOR THE ZYAIR TO RESTART AFTER FIRMWARE OR CONFIGURATION FILE UPLOAD. INTERRUPTING THE UPLOAD PROCESS MAY PERMANENTLY DAMAGE YOUR ZYAIR. Figure 107 Menu 24.7 System Maintenance: Upload Firmware Menu 24.7 - System Maintenance - Upload Firmware 1.
Page 176: Using The Ftp Command From The Dos Prompt Example
ZyAIR G-5100 User’s Guide Figure 109 Menu 24.7.2 System Maintenance: Upload System Configuration File Menu 24.7.2 - System Maintenance - Upload System Configuration File To upload the system configuration file, follow the procedure below: 1. Launch the FTP client on your workstation.
Page 177: Tftp File Upload
ZyAIR G-5100 User’s Guide Figure 110 FTP Session Example 331 Enter PASS command Password: 230 Logged in ftp> bin 200 Type I OK ftp> put firmware.bin ras 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp: 327680 bytes sent in 1.10Seconds...
Page 178: Uploading Via Console Port
ZyAIR G-5100 User’s Guide TFTP [-i] host put firmware.bin ras where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the ZyAIR’s IP address, “put” transfers the file source on the computer (firmware.bin – name of the firmware on the computer) to the file destination on the remote host (ras - name of the firmware on the ZyAIR).
Page 179: Uploading Configuration File Via Console Port
ZyAIR G-5100 User’s Guide Figure 112 Example Xmodem Upload Type the firmware file’s location, or click Browse to look for it. Choose the Xmodem protocol. Then click Send. After the firmware upload process has completed, the ZyAIR will automatically restart.
Page 180: Example Xmodem Configuration Upload Using Hyperterminal
ZyAIR G-5100 User’s Guide 20.4.10 Example Xmodem Configuration Upload Using HyperTerminal Click Transfer, then Send File to display the following screen. Figure 114 Example Xmodem Upload Type the configuration file’s location, or click Browse to search for it. Choose the Xmodem protocol.
Page 181: System Maintenance And Information
ZyAIR G-5100 User’s Guide H A P T E R System Maintenance and Information This chapter leads you through SMT menus 24.8 and 24.10. 21.1 Command Interpreter Mode The Command Interpreter (CI) is a part of the main system firmware. The CI provides much of the same functionality as the SMT, while adding some low-level setup and diagnostic functions.
Page 182: Time And Date Setting
ZyAIR G-5100 User’s Guide Figure 116 Valid CI Commands Copyright (c) 1994 - 2004 ZyXEL Communications Corp. G-5100> ? Valid commands are: exit ether wlan bridge certificates 8021x radius radserv G-5100> 21.2 Time and Date Setting The ZyAIR keeps track of the time and date. There is also a software mechanism to set the time manually or get the current time and date from an external server when you turn on your ZyAIR.
Page 183: Resetting The Time
ZyAIR G-5100 User’s Guide Table 65 System Maintenance: Time and Date Setting FIELD DESCRIPTION Time Protocol Enter the time service protocol that your time server sends when you turn on the ZyAIR. Not all time servers support all protocols, so you may have to check with your ISP/network administrator or use trial and error to find a protocol that works.
Page 184 ZyAIR G-5100 User’s Guide Chapter 21 System Maintenance and Information...
Page 185: Chapter 22 Troubleshooting
ZyAIR G-5100 User’s Guide H A P T E R Troubleshooting This appendix covers potential problems and possible remedies. After each problem description, some instructions are provided to help you to diagnose and to solve the problem. 22.1 Problems Starting Up the ZyAIR Table 66 Troubleshooting the Start-Up of Your ZyAIR The power injector’s...
Page 186: Problems With The Ethernet Interface
ZyAIR G-5100 User’s Guide 22.3 Problems with the Ethernet Interface Table 68 Troubleshooting the Ethernet Interface PROBLEM CORRECTIVE ACTION Cannot access If all of the LEDs on the inline power injector are on, check the Ethernet cable the ZyAIR from connection between your ZyAIR and the computer connected to the DATA IN port the LAN.
Page 187: Problems With The Password
ZyAIR G-5100 User’s Guide 22.4 Problems with the Password Table 69 Troubleshooting the Password PROBLEM CORRECTIVE ACTION I cannot access The Password and Username fields are case-sensitive. Make sure that you enter the ZyAIR. the correct password and username using the proper casing.
Page 188 ZyAIR G-5100 User’s Guide Chapter 22 Troubleshooting...
Page 189: Appendix A Specifications
ZyAIR G-5100 User’s Guide P P E N D I X Specifications General Specifications Table 72 Device Specifications Default IP Address 192.168.1.2 Default Subnet Mask 255.255.255.0 (24 bits) Default Password 1234 Table 73 Performance WLAN Connection IEEE 802.11g, up to 500 m Distance IEEE 802.11g, up to 5 km...
Page 190: Table 74 Firmware Features
ZyAIR G-5100 User’s Guide Table 74 Firmware Features System Management Embedded Web Configurator (HTTP) Menu-driven SMT (System Management Terminal) management CLI (Command Line Interpreter) Remote Management via Telnet or Web Diagnostic tool (built-in) SNMP Manageable Firmware Upgrade (web configurator, TFTP/FTP)
Page 191: Table 75 Environmental Conditions
ZyAIR G-5100 User’s Guide Table 75 Environmental Conditions TEMPERATURE RANGE IN DEGREES CELSIUS Operation +15 ~ +35 Normal ~ +35 Extreme ~ +70 Storage -40 to +80 HUMIDITY (non-condensing): 5% to 95% RH (typical) Table 76 Inspection Channel (CH1, CH7, CH13)
Page 192: Table 78 Radio Specifications
ZyAIR G-5100 User’s Guide Table 77 Hardware Specifications (continued) Dimensions 246(L) x 202(D) x 73(H) mm Weight ZyAIR G-5100 without accessories, 2.6 kg Radio Specifications Table 78 Radio Specifications FREQUENCY BAND 2.4 ~ 2.4835 (GHZ) Direct Sequence Spread Spectrum (DSSS)
Page 193: Table 80 Transmitting System
ZyAIR G-5100 User’s Guide System Test Table 80 Transmitting System PARAMETER TEST CONDITION SPECIFICATION TEMP. DEG. C. Tx Power Modulation: OFDM Data FCC:19 dBm ± 1 dB 19dBm ± 2 25-20 ~ +70 Rate: 54 Mbps ETSI:14 dBm ± 1 dB 14dBm ± 2...
Page 194: Figure 118 Inspection Cosmetic And Function
ZyAIR G-5100 User’s Guide Figure 118 Inspection Cosmetic and Function TEST ITEM TEST CONDITION CRITERIA High Temp. +70 Deg. C No Damage In Temperature Cosmetics or Error In Storage 24 hours Operation Function Test Operation mode in the chamber Spec.
Page 195 ZyAIR G-5100 User’s Guide Table 83 Approvals North America FCC Part 15 Class B European Union (CE mark) EN55022 Class BEN61000-3- 2EN61000-3-3 European Union (CE mark) EN61000-4-2 ELECTROSTATIC DISCHARGE EN61000-4-3 RADIO-FREQUENCY ELECTROMAGNETIC FIELD EN61000-4-4 EFT/BURST EN61000-4-5 SURGE EN61000-4-6 CONDUCTED SUSCEPTIBILITY...
Page 196 ZyAIR G-5100 User’s Guide Appendix A Specifications...
Page 197: Packaging Specifications
ZyAIR G-5100 User’s Guide P P E N D I X Packaging Specifications Table 84 Packaging Specifications ITEMS SPECIFICATION/DESCRIPTION QUANTITY Inline Power Injector (PoE) Input 100 ~ 240 VAC, 2 A, 50/60 Hz. Output 800 mA at -48 Wall-plug AC Power Cord (1.8 m)
Page 198 ZyAIR G-5100 User’s Guide Appendix B Packaging Specifications...
Page 199: Power Over Ethernet Specifications
ZyAIR G-5100 User’s Guide P P E N D I X Power over Ethernet Specifications You can use a power over Ethernet injector to power this device. The injector must comply to IEEE 802.3af.-7 Table 86 Power over Ethernet Injector Specifications Power Output 15.4 Watts maximum...
Page 200 ZyAIR G-5100 User’s Guide Appendix C Power over Ethernet Specifications...
Page 201: Setting Up Your Computer's Ip Address
ZyAIR G-5100 User’s Guide P P E N D I X Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer.
Page 202: Figure 119 Windows 95/98/Me: Network: Configuration
ZyAIR G-5100 User’s Guide Figure 119 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add.
Page 203: Figure 120 Windows 95/98/Me: Tcp/Ip Properties: Ip Address
ZyAIR G-5100 User’s Guide 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click 5 Restart your computer so the changes you made take effect. Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab.
Page 204: Figure 121 Windows 95/98/Me: Tcp/Ip Properties: Dns Configuration
ZyAIR G-5100 User’s Guide Figure 121 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add.
Page 205: Figure 122 Windows Xp: Start Menu
ZyAIR G-5100 User’s Guide Figure 122 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 123 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Page 206: Figure 124 Windows Xp: Control Panel: Network Connections: Properties
ZyAIR G-5100 User’s Guide Figure 124 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 125 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
Page 207: Figure 126 Windows Xp: Internet Protocol (Tcp/Ip) Properties
ZyAIR G-5100 User’s Guide • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. • Click Advanced. Figure 126 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK.
Page 208: Figure 127 Windows Xp: Advanced Tcp/Ip Properties
ZyAIR G-5100 User’s Guide Figure 127 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
Page 209: Figure 128 Windows Xp: Internet Protocol (Tcp/Ip) Properties
ZyAIR G-5100 User’s Guide Figure 128 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT).
Page 210: Figure 129 Macintosh Os 8/9: Apple Menu
ZyAIR G-5100 User’s Guide Figure 129 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 130 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. Appendix D Setting up Your Computer’s IP Address...
Page 211: Figure 131 Macintosh Os X: Apple Menu
ZyAIR G-5100 User’s Guide 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. •...
Page 212: Figure 132 Macintosh Os X: Network
ZyAIR G-5100 User’s Guide Figure 132 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box.
Page 213: Appendix Eip Subnetting
ZyAIR G-5100 User’s Guide P P E N D I X IP Subnetting IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1.
Page 214: Table 89 Allowed Ip Address Range By Class
ZyAIR G-5100 User’s Guide Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B”...
Page 215: Table 91 Alternative Subnet Mask Notation
ZyAIR G-5100 User’s Guide Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a “/”...
Page 216: Table 93 Subnet 1
ZyAIR G-5100 User’s Guide Note: In the following charts, shaded/bolded last octet bit values indicate host ID bits “borrowed” to form network ID bits. The number of “borrowed” host ID bits determines the number of subnets you can have. The remaining number of host ID bits (after “borrowing”) determines the number of hosts you can have on each subnet.
Page 217: Table 95 Subnet 1
ZyAIR G-5100 User’s Guide Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00, 01, 10 and 11. The subnet mask is 26 bits (11111111.11111111.11111111.11000000) or 255.255.255.192.
Page 218: Table 98 Subnet 4
ZyAIR G-5100 User’s Guide Table 98 Subnet 4 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 11000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.193 192.168.1.192 Broadcast Address: Highest Host ID: 192.168.1.254 192.168.1.255...
Page 219: Table 101 Class B Subnet Planning
ZyAIR G-5100 User’s Guide Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID.
Page 220 ZyAIR G-5100 User’s Guide Appendix E IP Subnetting...
Page 221: Appendix F Wireless Lan
ZyAIR G-5100 User’s Guide Appendix F Wireless LAN Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless stations (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an Ad-hoc network or Independent Basic Service Set (IBSS).
Page 222: Figure 134 Basic Service Set
ZyAIR G-5100 User’s Guide Figure 134 Basic Service Set An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS).
Page 223: Figure 135 Infrastructure Wlan
ZyAIR G-5100 User’s Guide Figure 135 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.11a/b/g wireless devices. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a different channel than an adjacent AP (access point) to reduce interference.
Page 224: Figure 136 Rts/Cts
ZyAIR G-5100 User’s Guide Figure 136 RTS/CTS When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Page 225: Table 102 Ieee802.11G
ZyAIR G-5100 User’s Guide A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference. If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size.
Page 226 ZyAIR G-5100 User’s Guide IEEE 802.1x In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features. It is supported by Windows XP and a number of network devices. Some advantages of IEEE 802.1x are:...
Page 227: Figure 137 Eap Authentication
ZyAIR G-5100 User’s Guide • Access-Challenge Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access- Request message. The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting: •...
Page 228 ZyAIR G-5100 User’s Guide 3 The wireless station replies with identity information, including username and password. 4 The RADIUS server checks the user information against its user profile database and determines whether or not to authenticate the wireless station. Types of Authentication This section discusses some popular authentication types: EAP-MD5, EAP-TLS, EAP- TTLS, PEAP and LEAP.
Page 229 ZyAIR G-5100 User’s Guide PEAP (Protected EAP) Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication.
Page 230: Figure 138 Wep Authentication Steps
ZyAIR G-5100 User’s Guide Figure 138 WEP Authentication Steps Open system authentication involves an unencrypted two-message procedure. A wireless station sends an open system authentication request to the AP, which will then automatically accept and connect the wireless station to the network. In effect, open system is not authentication at all as any station can gain access to the network.
Page 231: Table 103 Comparison Of Eap Authentication Types
ZyAIR G-5100 User’s Guide Note: EAP-MD5 cannot be used with Dynamic WEP Key Exchange For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption. They are often deployed in corporate environments, but for public deployment, a simple user name and password pair is more practical. The following table is a comparison of the features of authentication types.
Page 232: Table 104 Wireless Security Relational Matrix
ZyAIR G-5100 User’s Guide The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data packets, altering them and resending them. The MIC provides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC. If they do not match, it is assumed that the data has been tampered with and the packet is dropped.
Page 233: Figure 139 Roaming Example
ZyAIR G-5100 User’s Guide In a network environment with multiple access points, wireless stations are able to switch from one access point to another as they move between the coverage areas. This is roaming. As the wireless station moves from place to place, it is responsible for choosing the most appropriate access point depending on the signal strength, network utilization or other factors.
Page 234 ZyAIR G-5100 User’s Guide Requirements for Roaming The following requirements must be met in order for wireless stations to roam between the coverage areas. 1 All the access points must be on the same subnet and configured with the same ESSID.
Page 235: Appendix G Outdoor Site Planning
ZyAIR G-5100 User’s Guide P P E N D I X Outdoor Site Planning This appendix provides information on site planning requirements for the installation of your outdoor wireless device. Introduction The installation of a wireless network requires some additional planning over a wired network.
Page 236 ZyAIR G-5100 User’s Guide Specific Considerations The following information will help you determine site characteristics that are most applicable to your outdoor wireless device and the actions that should be taken. Weather It is important to research any unusual weather conditions that are common to the site location.
Page 237 ZyAIR G-5100 User’s Guide Wind Any system components mounted outdoors will be subject to the effects of wind. It is important to know the direction and velocity of the wind common to the site. The mounting structure must be able to withstand these forces as well as protect against damage to the outdoor wireless device components.
Page 238: Antenna Characteristics
ZyAIR G-5100 User’s Guide Effects within the system or outside the system can cause interference. Good planning for frequencies and antennas can overcome most interference challenges. Co-Channel and Adjacent Channel Interference Co-channel interference results when another RF link is using the same channel frequency.
Page 239: Antenna Polarization
ZyAIR G-5100 User’s Guide Antenna gain is sometimes specified in dBi, which is how much the antenna increases the signal power compared to using an isotropic antenna. An isotropic antenna is a theoretical perfect antenna that sends out radio signals equally well in all directions. dBi represents the true gain that the antenna provides.
Page 240 ZyAIR G-5100 User’s Guide Calculating a Link Budget A link budget is a rough calculation of all known elements of the link, to determine if the signal will have the proper strength when it reaches the other end of the link.
Page 241: Outdoor Installation Recommendations
ZyAIR G-5100 User’s Guide P P E N D I X Outdoor Installation Recommendations This appendix provides information on site requirements for the installation of your outdoor wireless device See the Quick Start Guide for more information on site installation.
Page 242: Antenna Alignment
ZyAIR G-5100 User’s Guide Direct grounding of the antenna mast and outdoor wireless device. The outdoor wireless device should be connected to the same grounding system as the antenna mast and the AC wall outlet. The grounding system must comply with the National Electrical Code and safety standards that apply in your country.
Page 243 ZyAIR G-5100 User’s Guide For omni-directional antennas mounted on a table, desk, and so on, point the antenna up. For omni-directional antennas mounted on a wall or ceiling, point the antenna down. For a single AP application, place omni-directional antennas as close to the center of the coverage area as possible.
Page 244 ZyAIR G-5100 User’s Guide Appendix H Outdoor Installation Recommendations...
Page 245: Appendix I Command Interpreter
ZyAIR G-5100 User’s Guide P P E N D I X Command Interpreter The following describes how to use the command interpreter. Enter 24 in the main menu to bring up the system maintenance menu. Enter 8 to go to Menu 24.8 - Command Interpreter Mode.
Page 246 ZyAIR G-5100 User’s Guide Appendix I Command Interpreter...
Page 247: Brute-Force Password Guessing Protection
ZyAIR G-5100 User’s Guide P P E N D I X Brute-Force Password Guessing Protection Brute-force password guessing protection allows you to specify a wait-time that must expire before entering a fourth password after three incorrect passwords have been entered.
Page 248 ZyAIR G-5100 User’s Guide Appendix J Brute-Force Password Guessing Protection...
Page 249: Appendix K Log Descriptions
ZyAIR G-5100 User’s Guide P P E N D I X Log Descriptions This appendix provides descriptions of example log messages. Table 106 System Maintenance Logs LOG MESSAGE DESCRIPTION The router has adjusted its time based on information from the time server.
Page 250: Table 108 Sys Log
ZyAIR G-5100 User’s Guide Table 107 ICMP Notes (continued) TYPE CODE DESCRIPTION Redirect datagrams for the Network Redirect datagrams for the Host Redirect datagrams for the Type of Service and Network Redirect datagrams for the Type of Service and Host...
Page 251: Table 109 Log Categories And Available Settings
ZyAIR G-5100 User’s Guide Use sys logs category followed by a log category and a parameter to decide what to record Table 109 Log Categories and Available Settings LOG CATEGORIES AVAILABLE PARAMETERS error 0, 1, 2, 3 mten 0, 1...
Page 252 ZyAIR G-5100 User’s Guide Appendix K Log Descriptions...
Page 253: Index
ZyAIR G-5100 User’s Guide Index Numerics Binary PKCS#7 Binary X.509 Blocking Port State 110V AC Bluetooth Enabled Devices, See 2.4 GHz Devices 2.4 GHz Devices BPDU (Bridge Protocol Data Units) 230V AC Bridge Application Bridge Loop Bridge Protocol Data Units (BPDUs)
Page 254 ZyAIR G-5100 User’s Guide My Certificate Details Condition Name 97, 101, 105, 107, 111 Connecting Cables Organization 102, 105 Consequential Damages Organizational Unit 102, 105 Console Port PEM (Base-64) Encoded Format Contact Information PKI Storage Space in Use Contacting Customer Support...
Page 255 ZyAIR G-5100 User’s Guide Disabled Port State Compliance Rules, Part 15 Discarding Port State FCC Rules Disclaimer Federal Communications Commission Discretion Feedback Distribution System Filename Conventions Domain Name Filter Action DQPSK, See Differential Quadrature Phase Shift Keying Finland, Contact Information...
Page 256 ZyAIR G-5100 User’s Guide HyperTerminal program Key Hierarchy Key Length Key Management System Key Usage 106, 112 IANA IBSS ICES-003 Icons Key Labor Idle Timeout IEEE 802.11b Learning Port State 57, 58 IEEE 802.11g 31, 225 Legal Rights IEEE 802.11i Liability IEEE 802.1w...
Page 257 ZyAIR G-5100 User’s Guide Mouse Action Sequences Permission MSDU Photocopying My Certificate Details Ping My Certificates PKCS#7 PKI Storage Space in Use 97, 107 Port Number For Communicate Roaming Information Network Bridge Port States Network Management Postage Prepaid. Network Number, See IP Address...
Page 258 ZyAIR G-5100 User’s Guide Radio Technician RFC 1597 RADIUS 32, 226 Rights Shared Secret Key Rights, Legal RADIUS Message Types Risk RADIUS Messages Risks RADIUS Server Backup Roaming 69, 232 RADIUS Server, Embedded Example Rapid Spanning Tree Protocol Requirements 70, 234...
Page 259 ZyAIR G-5100 User’s Guide MIBs Technical Writing Team Telephone Trap Television Interference Traps Television Reception Trusted Host Temporal Key Integrity Protocol (TKIP) SNMP (Simple Network Management Protocol) Terminal Emulation Spain, Contact Information TFTP File Transfer Spanning Tree Protocol 31, 57, 65...
Page 260 ZyAIR G-5100 User’s Guide Virtual Local Area Network WPA with RADIUS VLAN WPA with RADIUS Application Voltage Supply WPA-PSK Application Voltage, High Written Permission Passthrough VPN (Virtual Private Network) VT100 X.509 99, 105 Warning Warnings Warranty ZyNOS 3, 170 Warranty Information...

ZyXEL Communications ZyAIR G-5100 User Manual

Chapter 1 Getting to Know Your Zyair

Chapter 2 Introducing the Web Configurator

Chapter 3 Wizard Setup

Chapter 4 System Screens

Chapter 5 Wireless LAN

Chapter 6 Internal RADIUS Server

Chapter 7 VLAN

Chapter 8 IP Screen

Chapter 9 Certificates

Chapter 10 Log Screens

Chapter 11 Maintenance

Chapter 12 Introducing the SMT

Chapter 13 General Setup

Chapter 14 LAN Setup

Chapter 15 Dial-In User Setup

Chapter 16 VLAN Setup

Chapter 17 SNMP Configuration

Chapter 18 System Security

Chapter 19 System Information and Diagnosis

Quick Links

Troubleshooting

Need help?

Questions and answers

Related Manuals for ZyXEL Communications ZyAIR G-5100

Summary of Contents for ZyXEL Communications ZyAIR G-5100