ZyXEL Communications NWA5121-N User Manual
802.11 a/b/g/n/ unified access point
Hide thumbs
Also See for NWA5121-N:
- User manual (228 pages) ,
- Manual (200 pages) ,
- User manual (249 pages)
Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Troubleshooting
Related Manuals for ZyXEL Communications NWA5121-N
Summary of Contents for ZyXEL Communications NWA5121-N
- Page 1 NWA5120 Series NWA5121-N NWA5121-NI NWA5123-NI 802.11 a/b/g/n Unified Access Point Version 4.10 Edition 1, 05/2014 Quick Start Guide User’s Guide Default Login Details LAN IP Address http://192.168.1.2 User Name admin www.zyxel.com Password 1234 Copyright © 2014 ZyXEL Communications Corporation...
- Page 2 IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. This is a User’s Guide for a series of products. Not all products support all firmware features. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system.
-
Page 3: Table Of Contents
Contents Overview Contents Overview User’s Guide ............................10 Introduction ............................. 11 The Web Configurator ..........................19 Technical Reference ..........................30 Dashboard ...............................31 Monitor ..............................36 Management Mode ..........................49 Network ..............................53 Wireless ..............................57 User .................................69 AP Profile ..............................76 MON Profile .............................94 WDS Profile .............................98 Certificates ............................100 System .............................. -
Page 4: Table Of Contents
Table of Contents Table of Contents Contents Overview ..........................3 Table of Contents ..........................4 Part I: User’s Guide ..................10 Chapter 1 Introduction............................11 1.1 Overview ............................11 1.1.1 Management Mode ........................12 1.1.2 MBSSID ...........................12 1.1.3 Dual-Radio ..........................13 1.1.4 Root AP ...........................14 1.1.5 Repeater ..........................15 1.2 Ways to Manage the NWA ........................16 1.3 Good Habits for Managing the NWA ....................16... - Page 5 Table of Contents 3.2 Dashboard ............................31 3.2.1 CPU Usage ..........................34 3.2.2 Memory Usage ........................34 Chapter 4 Monitor..............................36 4.1 Overview ............................36 4.1.1 What You Can Do in this Chapter ....................36 4.2 What You Need to Know ........................36 4.3 Network Status ..........................37 4.3.1 Network Status Graph ......................38 4.4 Radio List ............................39 4.4.1 AP Mode Radio Information ....................40...
- Page 6 Table of Contents 7.4 Load Balancing ..........................62 7.4.1 Disassociating and Delaying Connections ................63 7.5 DCS ..............................64 7.6 Technical Reference ..........................66 Chapter 8 User..............................69 8.1 Overview ............................69 8.1.1 What You Can Do in this Chapter ....................69 8.1.2 What You Need To Know ......................69 8.2 User Summary ..........................70 8.2.1 Add/Edit User ..........................70 8.3 Setting ..............................72...
- Page 7 Table of Contents 11.1.1 What You Can Do in this Chapter ..................98 11.2 WDS Profile .............................98 11.2.1 Add/Edit WDS Profile ......................99 Chapter 12 Certificates ............................100 12.1 Overview ............................100 12.1.1 What You Can Do in this Chapter ..................100 12.1.2 What You Need to Know ......................100 12.1.3 Verifying a Certificate ......................102 12.2 My Certificates ..........................103 12.2.1 Add My Certificates ......................104...
- Page 8 Table of Contents 13.8.2 SNMP Traps ........................139 13.8.3 Configuring SNMP .......................139 13.8.4 Adding or Editing an SNMPv3 User Profile .................140 Chapter 14 Log and Report ..........................142 14.1 Overview ............................142 14.1.1 What You Can Do In this Chapter ..................142 14.2 Email Daily Report ........................142 14.3 Log Setting ...........................144 14.3.1 Log Setting ..........................144 14.3.2 Edit System Log Settings ....................146...
- Page 9 Table of Contents Chapter 19 Troubleshooting..........................169 19.1 Overview ............................169 19.2 Power, Hardware Connections, and LED ..................169 19.3 NWA Access and Login ........................170 19.4 Internet Access ..........................171 19.5 Wireless Connections ........................172 19.6 Resetting the NWA ........................175 19.7 Getting More Troubleshooting Help ....................175 Appendix A Importing Certificates ....................176 Appendix B IPv6 ..........................189 Appendix C Customer Support ......................198...
-
Page 10: User's Guide
User’s Guide... -
Page 11: Introduction
Introduction 1.1 Overview This User’s Guide covers the following models: NWA5121-N, NWA5121-NI, and NWA5123-NI. Your NWA is a wireless AP (Access Point). It extends the range of your existing wired network without additional wiring, providing easy network access to mobile users. -
Page 12: Management Mode
Chapter 1 Introduction Your NWA is easy to install, configure and use. The embedded Web-based configurator enables simple, straightforward management and maintenance. See the Quick Start Guide for how to make hardware connections. 1.1.1 Management Mode An AP controller can use Control And Provisioning of Wireless Access Points (CAPWAP, see RFC 5415) to discover and configure multiple managed APs. -
Page 13: Dual-Radio
Chapter 1 Introduction Figure 1 Multiple BSSs 1.1.3 Dual-Radio The NWA5123-NI is equipped with dual wireless radios. This means you can configure two different wireless networks to operate simultaneously. Note: A different channel should be configured for each WLAN interface to reduce the effects of radio interference. -
Page 14: Root Ap
Chapter 1 Introduction Figure 2 Dual-Radio Application 1.1.4 Root AP In Root AP mode, the NWA (Z) can act as the root AP in a wireless network and also allow repeaters (X and Y) to extend the range of its wireless network at the same time. In the figure below, both clients A, B and C can access the wired network through the root AP. -
Page 15: Repeater
Chapter 1 Introduction SSID to associate with the NWA in Root AP mode. A repeater must use the repeater SSID to connect to the NWA in Root AP mode. When the NWA is in Root AP mode, repeater security between the NWA and other repeater is independent of the security between the wireless clients and the AP or repeater. -
Page 16: Ways To Manage The Nwa
Chapter 1 Introduction At the time of writing, repeater security is compatible with the NWA only. 1.2 Ways to Manage the NWA You can use the following ways to manage the NWA. Web Configurator The Web Configurator allows easy NWA setup and management using an Internet browser. This User’s Guide provides information about the Web Configurator. -
Page 17: Leds
Chapter 1 Introduction 1.5 LEDs The following are the LED descriptions for your NWA. Figure 5 LED Table 3 LED COLOR STATUS DESCRIPTION Amber There is system error and the NWA cannot boot up, or the NWA doesn’t have an Ethernet connection with the LAN. Flashing The NWA is starting up. - Page 18 Chapter 1 Introduction Always use Maintenance > Shutdown or the shutdown command before you turn off the NWA or remove the power. Not doing so can cause the firmware to become corrupt. Table 4 Starting and Stopping the NWA METHOD DESCRIPTION Turning on the power A cold start occurs when you turn on the power to the NWA.
-
Page 19: The Web Configurator
H A PT ER The Web Configurator 2.1 Overview The NWA Web Configurator allows easy management using an Internet browser. In order to use the Web Configurator, you must: • Use Internet Explorer 7.0 and later versions, Mozilla Firefox 9.0 and later versions, Safari 4.0 and later versions, or Google Chrome 10.0 and later versions. -
Page 20: Navigating The Web Configurator
Chapter 2 The Web Configurator Click Login. If you logged in using the default user name and password, the Update Admin Info screen appears. Otherwise, the dashboard appears. The Update Admin Info screen appears every time you log in using the default user name and default password. -
Page 21: Title Bar
Chapter 2 The Web Configurator Figure 6 The Web Configurator’s Main Screen The Web Configurator’s main screen is divided into these parts: • A - Title Bar • B - Navigation Panel • C - Main Window 2.3.1 Title Bar The title bar provides some useful links that always appear over the screens below, regardless of how deep into the Web Configurator you navigate. - Page 22 Chapter 2 The Web Configurator Table 5 Title Bar: Web Configurator Icons (continued) LABEL DESCRIPTION Object Click this to open a screen where you can check which configuration items reference an Reference object. Click this to open a popup window that displays the CLI commands sent by the Web Configurator.
- Page 23 Chapter 2 The Web Configurator Figure 9 Site Map Object Reference Click Object Reference to open the Object Reference screen. Select the type of object and the individual object and click Refresh to show which configuration settings reference the object. Figure 10 Object Reference NWA5120 Series User’s Guide...
-
Page 24: Navigation Panel
Chapter 2 The Web Configurator The fields vary with the type of object. The following table describes labels that can appear in this screen. Table 7 Object References LABEL DESCRIPTION Object Name This identifies the object for which the configuration settings that use it are displayed. Click the object’s name to display the object’s configuration screen in the main window. - Page 25 Chapter 2 The Web Configurator Figure 12 Navigation Panel Dashboard The dashboard displays general device information, system status, system resource usage, and interface status in widgets that you can re-arrange to suit your needs. For details on the Dashboard’s features, see Chapter 3 on page Monitor Menu The monitor menu screens display status and statistics information.
- Page 26 Chapter 2 The Web Configurator Table 9 Configuration Menu Screens Summary (continued) FOLDER OR LINK FUNCTION AP Management WLAN Setting Edit wireless AP information, remove APs, and reboot them. MON Mode Rogue/Friendly AP Configure how the NWA monitors for rogue APs. List Load Balancing Configure load balancing for traffic moving to and from wireless...
-
Page 27: Warning Messages
Chapter 2 The Web Configurator Table 10 Maintenance Menu Screens Summary (continued) FOLDER OR LINK FUNCTION Reboot Restart the NWA. Shutdown Turn off the NWA. 2.3.3 Warning Messages Warning messages, such as those resulting from misconfiguration, display in a popup window. Figure 13 Warning Message 2.3.4 Tables and Lists The Web Configurator tables and lists are quite flexible and provide several options for how to... - Page 28 Chapter 2 The Web Configurator • Filter by mathematical operators (<, >, or =) or searching for text. Select a column heading cell’s right border and drag to re-size the column. Select a column heading and drag and drop it to change the column order. A green check mark displays next to the column’s title when you drag the column to a valid new location.
- Page 29 Chapter 2 The Web Configurator 2.3.4.2 Working with Table Entries The tables have icons for working with table entries. A sample is shown next. You can often use the [Shift] or [Ctrl] key to select multiple entries to remove, activate, or deactivate. Table 11 Common Table Icons Here are descriptions for the most common table icons.
-
Page 30: Technical Reference
Technical Reference... -
Page 31: Dashboard
H A PT ER Dashboard 3.1 Overview Use the Dashboard screens to check status information about the NWA. 3.1.1 What You Can Do in this Chapter • The main Dashboard screen (Section 3.2 on page 31) displays the NWA’s general device information, system status, system resource usage, and interface status. - Page 32 Chapter 3 Dashboard The following table describes the labels in this screen. Table 13 Dashboard LABEL DESCRIPTION Widget Settings (A) Use this link to re-open closed widgets. Widgets that are already open appear grayed out. Up Arrow (B) Click this to collapse a widget. Refresh Time Set the interval for refreshing the information displayed in the widget.
- Page 33 Chapter 3 Dashboard Table 13 Dashboard (continued) LABEL DESCRIPTION Boot Status This field displays details about the NWA’s startup state. OK - The NWA started up successfully. Firmware update OK - A firmware update was successful. Problematic configuration after firmware update - The application of the configuration failed after a firmware upgrade.
-
Page 34: Cpu Usage
Chapter 3 Dashboard Table 13 Dashboard (continued) LABEL DESCRIPTION Band This indicates the wireless frequency band currently being used by the radio. This shows - when the radio is in monitor mode. OP Mode This indicates the radio’s operating mode. Operating modes are AP (MBSSID), MON (monitor), Root AP or Repeater. - Page 35 Chapter 3 Dashboard Figure 17 Dashboard > Memory Usage The following table describes the labels in this screen. Table 15 Dashboard > Memory Usage LABEL DESCRIPTION The y-axis represents the percentage of RAM usage. The x-axis shows the time period over which the RAM usage occurred Refresh Interval Enter how often you want this window to be automatically updated.
-
Page 36: Monitor
H A PT ER Monitor 4.1 Overview Use the Monitor screens to check status and statistics information. 4.1.1 What You Can Do in this Chapter • The Network Status screen (Section 4.3 on page 37) displays general LAN interface information and packet statistics. -
Page 37: Network Status
Chapter 4 Monitor 4.3 Network Status Use this screen to look at general Ethernet interface information and packet statistics. To access this screen, click Monitor > Network Status. Figure 18 Monitor > Network Status The following table describes the labels in this screen. Table 16 Monitor >... -
Page 38: Network Status Graph
Chapter 4 Monitor Table 16 Monitor > Network Status (continued) LABEL DESCRIPTION Action Use this field to get or to update the IP address for the interface. Click Renew to send a new DHCP request to a DHCP server. If the interface cannot use one of these ways to get or to update its IP address, this field displays n/a. -
Page 39: Radio List
Chapter 4 Monitor Figure 19 Monitor > Network Status > Switch to Graphic View The following table describes the labels in this screen. Table 17 Monitor > Network Status > Switch to Graphic View LABEL DESCRIPTION Refresh Interval Enter how often you want this window to be automatically updated. Refresh Now Click this to update the information in the window right away. -
Page 40: Ap Mode Radio Information
Chapter 4 Monitor Figure 20 Monitor > Wireless > AP Information > Radio List The following table describes the labels in this screen. Table 18 Monitor > Wireless > AP Information > Radio List LABEL DESCRIPTION More Click this to view additional information about the selected radio’s wireless traffic and Information station count. - Page 41 Chapter 4 Monitor Figure 21 Monitor > Wireless > AP Information > Radio List > More Information NWA5120 Series User’s Guide...
-
Page 42: Station List
Chapter 4 Monitor The following table describes the labels in this screen. Table 19 Monitor > Wireless > AP Information > Radio List > More Information LABEL DESCRIPTION SSID Detail This list shows information about all the wireless clients that have connected to the specified radio over the preceding 24 hours. -
Page 43: Wds Link Info
Chapter 4 Monitor The following table describes the labels in this screen. Table 20 Monitor > Wireless > Station Info LABEL DESCRIPTION This is the station’s index number in this list. MAC Address This is the station’s MAC address. Radio This is the radio number on the NWA to which the station is connected. -
Page 44: Detected Device
Chapter 4 Monitor The following table describes the labels in this screen. Table 21 Monitor > Wireless > WDS Link Info LABEL DESCRIPTION WDS Uplink Info Uplink refers to the WDS link from the repeaters to the root AP. WDS Downlink Downlink refers to the WDS link from the root AP to the repeaters. -
Page 45: View Log
Chapter 4 Monitor Figure 24 Monitor > Wireless > Detected Device The following table describes the labels in this screen. Table 22 Monitor > Wireless > Detected Device LABEL DESCRIPTION Mark as Rogue Click this button to mark the selected AP as a rogue AP. A rogue AP can be contained in the Configuration >... - Page 46 Chapter 4 Monitor To access this screen, click Monitor > Log. The log is displayed in the following screen. Note: When a log reaches the maximum number of log messages, new log messages automatically overwrite existing log messages, starting with the oldest existing log message first.
- Page 47 Chapter 4 Monitor The following table describes the labels in this screen. Table 23 Monitor > Log > View Log LABEL DESCRIPTION Show Filter / Click this button to show or hide the filter settings. Hide Filter If the filter settings are hidden, the Display, Email Log Now, Refresh, and Clear Log fields are available.
- Page 48 Chapter 4 Monitor The Web Configurator saves the filter settings if you leave the View Log screen and return to it later. NWA5120 Series User’s Guide...
-
Page 49: Management Mode
H A PT ER Management Mode 5.1 Overview This chapter discusses using the NWA in management mode, which determines whether the NWA is used in its default standalone mode, or as part of a Control And Provisioning of Wireless Access Points (CAPWAP) network. -
Page 50: Managed Ap Finds The Controller
Chapter 5 Management Mode An AP in managed AP mode joins a wired network (receives a dynamic IP address). The AP sends out a discovery request, looking for a CAPWAP AP controller. If there is an AP controller on the network, it receives the discovery request. If the AP controller is in Manual mode it adds the details of the AP to its Unmanaged Access Points list, and you decide which available APs to manage. -
Page 51: Notes On Capwap
Chapter 5 Management Mode Figure 27 CAPWAP and DHCP Option 138 5.2.4 Notes on CAPWAP This section lists some additional features of ZyXEL’s implementation of the CAPWAP protocol. • When the AP controller uses its internal Remote Authentication Dial In User Service (RADIUS) server, managed APs also use the AP controller’s authentication server to authenticate wireless clients. - Page 52 Chapter 5 Management Mode Figure 28 Configuration > MGNT Mode Each field is described in the following table. Table 24 Configuration > MGNT Mode LABEL DESCRIPTION Standalone AP Select this to manage the NWA using its own web configurator, neither managing nor managed by other devices.
-
Page 53: Network
H A PT ER Network 6.1 Overview This chapter describes how you can configure the management IP address and VLAN settings of your NWA. The Internet Protocol (IP) address identifies a device on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. - Page 54 Chapter 6 Network Figure 30 Configuration > Network > IP Setting Each field is described in the following table. Table 25 Configuration > Network > IP Setting LABEL DESCRIPTION IP Address Assignment Select this to make the interface a DHCP client and automatically get the IP address, Automatically subnet mask, and gateway address from a DHCP server.
-
Page 55: Vlan
Chapter 6 Network Table 25 Configuration > Network > IP Setting (continued) LABEL DESCRIPTION Link-Local This displays the IPv6 link-local address and the network prefix that the NWA generates Address itself for the LAN interface. IPv6 Address/ Enter the IPv6 address and the prefix length for the LAN interface if you want to use a Prefix Length static IP address. - Page 56 Chapter 6 Network A Virtual Local Area Network (VLAN) allows a physical network to be partitioned into multiple logical networks. Devices on a logical network belong to one group. A device can belong to more than one group. With VLAN, a device cannot directly talk to or hear from devices that are not in the same group(s);...
-
Page 57: Wireless
H A PT ER Wireless 7.1 Overview This chapter discusses how to configure the wireless network settings in your NWA. The following figure provides an example of a wireless network. Figure 33 Example of a Wireless Network The wireless network is the part in the blue circle. In this wireless network, devices A and B are called wireless clients. -
Page 58: What You Need To Know
Chapter 7 Wireless 7.1.2 What You Need to Know The following terms and concepts may help as you read this chapter. Station / Wireless Client A station or wireless client is any wireless-capable device that can connect to an AP using a wireless signal. - Page 59 Chapter 7 Wireless Each field is described in the following table. Table 27 Configuration > Wireless > AP Management LABEL DESCRIPTION Model This field displays the NWA’s model name. Radio 1 Activate Select the check box to enable the NWA’s first (default) radio. Radio 1 OP Mode Select the operating mode for radio 1.
-
Page 60: Mon Mode
Chapter 7 Wireless Table 27 Configuration > Wireless > AP Management (continued) LABEL DESCRIPTION Radio 2 WDS Profile This field is available only when the radio is in Root AP or Repeater mode. Select the WDS profile the radio uses to connect to a root AP or repeater. Uplink Selection This field is available only when the radio is in Repeater mode. -
Page 61: Add/Edit Rogue/Friendly List
Chapter 7 Wireless Each field is described in the following table. Table 28 Configuration > Wireless > MON Mode LABEL DESCRIPTION Rogue/Friendly AP List Click this button to add an AP to the list and assign it either friendly or rogue status. -
Page 62: Load Balancing
Chapter 7 Wireless Table 29 Configuration > Wireless > MON Mode > Add/Edit Rogue/Friendly AP List (continued) LABEL DESCRIPTION Role Select either Rogue AP or Friendly AP for the AP’s role. Click OK to save your changes back to the NWA. Cancel Click Cancel to close the window with changes unsaved. -
Page 63: Disassociating And Delaying Connections
Chapter 7 Wireless Table 30 Configuration > Wireless > Load Balancing (continued) LABEL DESCRIPTION Disassociate Select this option to disassociate wireless clients connected to the AP when it becomes station when overloaded. If you do not enable this option, then the AP simply delays the connection overloaded until it can afford the bandwidth it requires, or it transfers the connection to another AP within its broadcast radius. -
Page 64: Dcs
Chapter 7 Wireless Figure 39 Kicking a Connection Connections are kicked based on either idle timeout or signal strength. The NWA first looks to see which devices have been idle the longest, then starts kicking them in order of highest idle time. If no connections are idle, the next criteria the NWA analyzes is signal strength. - Page 65 Chapter 7 Wireless Figure 40 Configuration > Wireless > DCS Each field is described in the following table. Table 31 Configuration > Wireless > DCS LABEL DESCRIPTION Select Now Click this to have the NWA scan for and select an available channel immediately. Enable Dynamic Select this to have the NWA automatically select the radio channel upon which it Channel Selection...
-
Page 66: Technical Reference
Chapter 7 Wireless Table 31 Configuration > Wireless > DCS (continued) LABEL DESCRIPTION 2.4 GHz Channel Select how you want to specify the channels the NWA switches between for 2.4 GHz Selection Method operation. Select auto to have the NWA display a 2.4 GHz Channel Deployment field you can use to limit channel switching to 3 or 4 channels. - Page 67 Chapter 7 Wireless In the 2.4 GHz spectrum, each channel from 1 to 13 is broken up into discrete 22 MHz segments that are spaced 5 MHz apart. Channel 1 is centered on 2.412 GHz while channel 13 is centered on 2.472 GHz.
- Page 68 Chapter 7 Wireless Load Balancing Because there is a hard upper limit on an AP’s wireless bandwidth, load balancing can be crucial in areas crowded with wireless users. Rather than let every user connect and subsequently dilute the available bandwidth to the point where each connecting device receives a meager trickle, the load balanced AP instead limits the incoming connections as a means to maintain bandwidth integrity.
-
Page 69: User
H A PT ER User 8.1 Overview This chapter describes how to set up user accounts and user settings for the NWA. 8.1.1 What You Can Do in this Chapter • The User screen (see Section 8.2 on page 70) provides a summary of all user accounts. •... -
Page 70: User Summary
Chapter 8 User 8.2 User Summary The User screen provides a summary of all user accounts. To access this screen click Configuration > Object > User. Figure 44 Configuration > Object > User The following table describes the labels in this screen. Table 33 Configuration >... - Page 71 Chapter 8 User • Alphanumeric A-z 0-9 (there is no unicode support) • _ [underscores] • - [dashes] The first character must be alphabetical (A-Z a-z), an underscore (_), or a dash (-). Other limitations on user names are: • User names are case-sensitive. If you enter a user 'bob' but use 'BOB' when connecting via CIFS or FTP, it will use the account settings used for 'BOB' not ‘bob’.
-
Page 72: Setting
Chapter 8 User The following table describes the labels in this screen. Table 34 Configuration > User > User > Add/Edit A User LABEL DESCRIPTION User Name Type the user name for this user account. You may use 1-31 alphanumeric characters, underscores( ), or dashes (-), but the first character cannot be a number. - Page 73 Chapter 8 User Figure 46 Configuration > Object > User > Setting The following table describes the labels in this screen. Table 35 Configuration > Object > User > Setting LABEL DESCRIPTION User Default Setting Default Authentication These authentication timeout settings are used by default when you create a Timeout Settings new user account.
-
Page 74: Edit User Authentication Timeout Settings
Chapter 8 User Table 35 Configuration > Object > User > Setting (continued) LABEL DESCRIPTION User Logon Settings Limit the number of Select this check box if you want to set a limit on the number of simultaneous simultaneous logons for logins by admin users. - Page 75 Chapter 8 User The following table describes the labels in this screen. Table 36 User > Setting > Edit User Authentication Timeout Settings LABEL DESCRIPTION User Type This read-only field identifies the type of user account for which you are configuring the default settings.
-
Page 76: Ap Profile
H A PT ER AP Profile 9.1 Overview This chapter shows you how to configure preset profiles for the NWA. 9.1.1 What You Can Do in this Chapter • The Radio screen (Section 9.2 on page 77) creates radio configurations that can be used by the APs. -
Page 77: Radio
Chapter 9 AP Profile WEP (Wired Equivalent Privacy) encryption scrambles all data packets transmitted between the AP and the wireless stations associated with it in order to keep network communications private. Both the wireless stations and the access points must use the same WEP key for data encryption and decryption. -
Page 78: Add/Edit Radio Profile
Chapter 9 AP Profile Table 37 Configuration > Object > AP Profile > Radio (continued) LABEL DESCRIPTION Remove Click this to remove the selected radio profile. Activate To turn on an entry, select it and click Activate. Inactivate To turn off an entry, select it and click Inactivate. Object Reference Click this to view which other objects are linked to the selected radio profile. - Page 79 Chapter 9 AP Profile Figure 49 Configuration > Object > AP Profile > Add/Edit Profile NWA5120 Series User’s Guide...
- Page 80 Chapter 9 AP Profile The following table describes the labels in this screen. Table 38 Configuration > Object > AP Profile > Add/Edit Profile LABEL DESCRIPTION Hide / Show Click this to hide or show the Advanced Settings in this window. Advanced Settings Create New Object Select an item from this menu to create a new object of that type.
- Page 81 Chapter 9 AP Profile Table 38 Configuration > Object > AP Profile > Add/Edit Profile (continued) LABEL DESCRIPTION Enable A-MSDU Select this to enable A-MSDU aggregation. Aggregation Mac Service Data Unit (MSDU) aggregation collects Ethernet frames without any of their 802.11n headers and wraps the header-less payload in a single 802.11n MAC header.
-
Page 82: Ssid
Chapter 9 AP Profile Table 38 Configuration > Object > AP Profile > Add/Edit Profile (continued) LABEL DESCRIPTION Rate Configuration This section controls the data rates permitted for clients. For each rate, select a rate option from its list. The rates are: •... -
Page 83: Add/Edit Ssid Profile
Chapter 9 AP Profile Note: You can have a maximum of 32 SSID profiles on the NWA. Figure 50 Configuration > Object > AP Profile > SSID List The following table describes the labels in this screen. Table 39 Configuration > Object > AP Profile > SSID List LABEL DESCRIPTION Click this to add a new SSID profile. - Page 84 Chapter 9 AP Profile Figure 51 Configuration > Object > AP Profile > Add/Edit SSID Profile The following table describes the labels in this screen. Table 40 Configuration > Object > AP Profile > Add/Edit SSID Profile LABEL DESCRIPTION Create new Select an object type from the list to create a new one associated with this SSID profile.
-
Page 85: Security List
Chapter 9 AP Profile Table 40 Configuration > Object > AP Profile > Add/Edit SSID Profile (continued) LABEL DESCRIPTION Select a Quality of Service (QoS) access category to associate with this SSID. Access categories minimize the delay of data packets across a wireless network. Certain categories, such as video or voice, are given a higher priority due to the time sensitive nature of their data packets. -
Page 86: Add/Edit Security Profile
Chapter 9 AP Profile Figure 52 Configuration > Object > AP Profile > SSID > Security List The following table describes the labels in this screen. Table 41 Configuration > Object > AP Profile > SSID > Security List LABEL DESCRIPTION Click this to add a new security profile. - Page 87 Chapter 9 AP Profile Figure 53 SSID > Security Profile > Add/Edit Security Profile The following table describes the labels in this screen. Table 42 SSID > Security Profile > Add/Edit Security Profile LABEL DESCRIPTION Profile Name Enter up to 31 alphanumeric characters for the profile name. This name is only visible in the Web Configurator and is only for management purposes.
- Page 88 Chapter 9 AP Profile Table 42 SSID > Security Profile > Add/Edit Security Profile (continued) LABEL DESCRIPTION Radius Server Type This shows External and the NWA uses an external RADIUS server for authentication. Primary / Select this to have the NWA use the specified RADIUS server. Secondary Radius Server Activate Radius Server...
-
Page 89: Mac Filter List
Chapter 9 AP Profile Table 42 SSID > Security Profile > Add/Edit Security Profile (continued) LABEL DESCRIPTION Cipher Type Select an encryption cipher type from the list. • auto - This automatically chooses the best available cipher based on the cipher in use by the wireless client that is attempting to make a connection. -
Page 90: Add/Edit Mac Filter Profile
Chapter 9 AP Profile Table 43 Configuration > Object > AP Profile > SSID > MAC Filter List (continued) LABEL DESCRIPTION This field is a sequential value, and it is not associated with a specific user. Profile Name This field indicates the name assigned to the MAC filtering profile. Filter Action This field indicates this profile’s filter action (if any). -
Page 91: Layer-2 Isolation List
Chapter 9 AP Profile Table 44 SSID > MAC Filter List > Add/Edit MAC Filter Profile (continued) LABEL DESCRIPTION Description This field displays a description for the MAC address associated with this profile. You can click the description to make it editable. Enter up to 60 characters, spaces and underscores allowed. -
Page 92: Add/Edit Layer-2 Isolation Profile
Chapter 9 AP Profile Figure 57 Configuration > Object > AP Profile > SSID > Layer-2 Isolation List The following table describes the labels in this screen. Table 45 Configuration > Object > AP Profile > SSID > Layer-2 Isolation List LABEL DESCRIPTION Click this to add a new MAC filtering profile. - Page 93 Chapter 9 AP Profile Figure 58 SSID > MAC Filter List > Add/Edit Layer-2 Isolation Profile The following table describes the labels in this screen. Table 46 SSID > MAC Filter List > Add/Edit Layer-2 Isolation Profile LABEL DESCRIPTION Profile Name Enter up to 31 alphanumeric characters for the profile name.
-
Page 94: Mon Profile
HAPTER MON Profile 10.1 Overview This screen allows you to set up monitor mode configurations that allow your NWA to scan for other wireless devices in the vicinity. Once detected, you can use the Wireless > MON Mode screen (Section 7.3 on page 60) to classify them as either rogue or friendly. -
Page 95: Add/Edit Mon Profile
Chapter 10 MON Profile Table 47 Configuration > Object > MON Profile (continued) LABEL DESCRIPTION Inactivate To turn off an entry, select it and click Inactivate. Object Reference Click this to view which other objects are linked to the selected monitor mode profile (for example, an AP management profile). -
Page 96: Technical Reference
Chapter 10 MON Profile The following table describes the labels in this screen. Table 48 Configuration > Object > MON Profile > Add/Edit MON Profile LABEL DESCRIPTION Activate Select this to activate this monitor mode profile. Profile Name This field indicates the name assigned to the monitor mode profile. Channel dwell time Enter the interval (in milliseconds) before the NWA switches to another channel for monitoring. - Page 97 Chapter 10 MON Profile Figure 61 Rogue AP Example In the example above, a corporate network’s security is compromised by a rogue AP (RG) set up by an employee at his workstation in order to allow him to connect his notebook computer wirelessly (A).
-
Page 98: Wds Profile
HAPTER WDS Profile 11.1 Overview This chapter shows you how to configure WDS profiles for the NWA to form a WDS with other APs. 11.1.1 What You Can Do in this Chapter The WDS Profile screen (Section 11.2 on page 98) creates preset WDS configurations that can be used by the NWA. -
Page 99: Add/Edit Wds Profile
Chapter 11 WDS Profile 11.2.1 Add/Edit WDS Profile This screen allows you to create a new WDS profile or edit an existing one. To access this screen, click the Add button or select and existing profile and click the Edit button. Figure 63 Configuration >... -
Page 100: Certificates
HAPTER Certificates 12.1 Overview The NWA can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 12.1.1 What You Can Do in this Chapter •... - Page 101 Chapter 12 Certificates Additionally, Jenny uses her own private key to sign a message and Tim uses Jenny’s public key to verify the message. The NWA uses certificates based on public-key cryptology to authenticate users attempting to establish a connection, not to encrypt the data that you send after establishing a connection. The method used to secure the data that you send through an established connection depends on the type of connection.
-
Page 102: Verifying A Certificate
Chapter 12 Certificates • Binary PKCS#12: This is a format for transferring public key and private key certificates.The private key in a PKCS #12 file is within a password-encrypted envelope. The file’s password is not connected to your certificate’s public or private passwords. Exporting a PKCS #12 file creates this and you must provide it to decrypt the contents when you import the file into the NWA. -
Page 103: My Certificates
Chapter 12 Certificates 12.2 My Certificates Click Configuration > Object > Certificate > My Certificates to open this screen. This is the NWA’s summary list of certificates and certification requests. Figure 64 Configuration > Object > Certificate > My Certificates The following table describes the labels in this screen. -
Page 104: Add My Certificates
Chapter 12 Certificates Table 51 Configuration > Object > Certificate > My Certificates (continued) LABEL DESCRIPTION Subject This field displays identifying information about the certificate’s owner, such as CN (Common Name), OU (Organizational Unit or department), O (Organization or company) and C (Country). - Page 105 Chapter 12 Certificates Figure 65 Configuration > Object > Certificate > My Certificates > Add NWA5120 Series User’s Guide...
- Page 106 Chapter 12 Certificates The following table describes the labels in this screen. Table 52 Configuration > Object > Certificate > My Certificates > Add LABEL DESCRIPTION Name Type a name to identify this certificate. You can use up to 31 alphanumeric and ;‘~!@#$%^&()_+[]{}’,.=- characters.
- Page 107 Chapter 12 Certificates Table 52 Configuration > Object > Certificate > My Certificates > Add (continued) LABEL DESCRIPTION Create a certification Select this to have the NWA generate a request for a certificate and apply to a request and enroll for certification authority for a certificate.
-
Page 108: Edit My Certificates
Chapter 12 Certificates 12.2.2 Edit My Certificates Click Configuration > Object > Certificate > My Certificates and then the Edit icon to open the My Certificate Edit screen. You can use this screen to view in-depth certificate information and change the certificate’s name. Figure 66 Configuration >... - Page 109 Chapter 12 Certificates The following table describes the labels in this screen. Table 53 Configuration > Object > Certificate > My Certificates > Edit LABEL DESCRIPTION Name This field displays the identifying name of this certificate. You can use up to 31 alphanumeric and ;‘~!@#$%^&()_+[]{}’,.=- characters.
-
Page 110: Import Certificates
Chapter 12 Certificates Table 53 Configuration > Object > Certificate > My Certificates > Edit LABEL DESCRIPTION MD5 Fingerprint This is the certificate’s message digest that the NWA calculated using the MD5 algorithm. SHA1 Fingerprint This is the certificate’s message digest that the NWA calculated using the SHA1 algorithm. -
Page 111: Trusted Certificates
Chapter 12 Certificates Figure 67 Configuration > Object > Certificate > My Certificates > Import The following table describes the labels in this screen. Table 54 Configuration > Object > Certificate > My Certificates > Import LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse to find it. - Page 112 Chapter 12 Certificates Figure 68 Configuration > Object > Certificate > Trusted Certificates The following table describes the labels in this screen. Table 55 Configuration > Object > Certificate > Trusted Certificates LABEL DESCRIPTION PKI Storage This bar displays the percentage of the NWA’s PKI storage space that is currently in use. Space in Use When the storage space is almost full, you should consider deleting expired or unnecessary certificates before adding more certificates.
-
Page 113: Edit Trusted Certificates
Chapter 12 Certificates 12.3.1 Edit Trusted Certificates Click Configuration > Object > Certificate > Trusted Certificates and then a certificate’s Edit icon to open the Trusted Certificates Edit screen. Use this screen to view in-depth information about the certificate, change the certificate’s name and set whether or not you want the NWA to check a certification authority’s list of revoked certificates before trusting a certificate issued by the certification authority. - Page 114 Chapter 12 Certificates The following table describes the labels in this screen. Table 56 Configuration > Object > Certificate > Trusted Certificates > Edit LABEL DESCRIPTION Name This field displays the identifying name of this certificate. You can change the name. You can use up to 31 alphanumeric and ;‘~!@#$%^&()_+[]{}’,.=- characters.
-
Page 115: Import Trusted Certificates
Chapter 12 Certificates Table 56 Configuration > Object > Certificate > Trusted Certificates > Edit (continued) LABEL DESCRIPTION Signature Algorithm This field displays the type of algorithm that was used to sign the certificate. Some certification authorities use rsa-pkcs1-sha1 (RSA public-private key encryption algorithm and the SHA1 hash algorithm). -
Page 116: Technical Reference
Chapter 12 Certificates Figure 70 Configuration > Object > Certificate > Trusted Certificates > Import The following table describes the labels in this screen. Table 57 Configuration > Object > Certificate > Trusted Certificates > Import LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse to find it. -
Page 117: System
HAPTER System 13.1 Overview Use the system screens to configure general NWA settings. 13.1.1 What You Can Do in this Chapter • The Host Name screen (Section 13.2 on page 117) configures a unique name for the NWA in your network. •... -
Page 118: Date And Time
Chapter 13 System The following table describes the labels in this screen. Table 58 Configuration > System > Host Name LABEL DESCRIPTION System Name Choose a descriptive name to identify your NWA device. This name can be up to 64 alphanumeric characters long. - Page 119 Chapter 13 System The following table describes the labels in this screen. Table 59 Configuration > System > Date/Time LABEL DESCRIPTION Current Time and Date Current Time This field displays the present time of your NWA. Current Date This field displays the present date of your NWA. Time and Date Setup Manual...
-
Page 120: Pre-Defined Ntp Time Servers List
Chapter 13 System Table 59 Configuration > System > Date/Time (continued) LABEL DESCRIPTION End Date Configure the day and time when Daylight Saving Time ends if you selected Enable Daylight Saving. The at field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the United States on the first Sunday of November. -
Page 121: Www Overview
Chapter 13 System The Current Time and Current Date fields will display the appropriate settings if the synchronization is successful. If the synchronization was not successful, a log displays in the View Log screen. Try re-configuring the Date/Time screen. To manually set the NWA date and time: Click System >... -
Page 122: Service Access Limitations
Chapter 13 System Figure 74 Secure and Insecure Service Access From the WAN 13.4.1 Service Access Limitations A service cannot be used to access the NWA when you have disabled that service in the corresponding screen. 13.4.2 System Timeout There is a lease timeout for administrators. The NWA automatically logs you out if the management session remains idle for longer than this timeout period. -
Page 123: Configuring Www Service Control
Chapter 13 System Please refer to the following figure. HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the NWA’s web server. HTTP connection requests from a web browser go to port 80 (by default) on the NWA’s web server. Figure 75 HTTP/HTTPS Implementation Note: If you disable HTTP in the WWW screen, then the NWA blocks all HTTP connection attempts. -
Page 124: Https Example
Chapter 13 System The following table describes the labels in this screen. Table 61 Configuration > System > WWW > Service Control LABEL DESCRIPTION HTTPS Enable Select the check box to allow or disallow the computer with the IP address that matches the IP address(es) in the Service Control table to access the NWA Web Configurator using secure HTTPs connections. - Page 125 Chapter 13 System Figure 77 Security Alert Dialog Box (Internet Explorer) Select Continue to this website. to proceed to the Web Configurator login screen. Otherwise, select Click here to close this webpage. to block the access. 13.4.5.2 Mozilla Firefox Warning Messages When you attempt to access the NWA HTTPS server, a The Connection is Untrusted screen appears as shown in the following screen.
- Page 126 Chapter 13 System Figure 78 Security Certificate 1 (Firefox) Figure 79 Security Certificate 2 (Firefox) 13.4.5.3 Avoiding Browser Warning Messages Here are the main reasons your browser displays warnings about the NWA’s HTTPS server certificate and what you can do to avoid seeing the warnings: •...
- Page 127 Chapter 13 System • For the browser to trust a self-signed certificate, import the self-signed certificate into your operating system as a trusted certificate. • To have the browser trust the certificates issued by a certificate authority, import the certificate authority’s certificate into your operating system as a trusted certificate.
- Page 128 Chapter 13 System 13.4.5.5 Installing the CA’s Certificate Double click the CA’s trusted certificate to produce a screen similar to the one shown next. Click Install Certificate and follow the wizard as shown earlier in this appendix. 13.4.5.6 Installing a Personal Certificate You need a password in advance.
- Page 129 Chapter 13 System Click Next to begin the wizard. The file name and path of the certificate you double-clicked should automatically appear in the File name text box. Click Browse if you wish to import a different certificate. NWA5120 Series User’s Guide...
- Page 130 Chapter 13 System Enter the password given to you by the CA. Have the wizard determine where the certificate should be saved on your computer or select Place all certificates in the following store and choose a different location. NWA5120 Series User’s Guide...
- Page 131 Chapter 13 System Click Finish to complete the wizard and begin the import process. You should see the following screen when the certificate is correctly installed on your computer. 13.4.5.7 Using a Certificate When Accessing the NWA To access the NWA via HTTPS: Enter ‘https://NWA IP Address/ in your browser’s web address field.
-
Page 132: Ssh
Chapter 13 System When Authenticate Client Certificates is selected on the NWA, the following screen asks you to select a personal certificate to send to the NWA. This screen displays even if you only have a single certificate as in the example. You next see the Web Configurator login screen. -
Page 133: Ssh Implementation On The Nwa
Chapter 13 System Figure 82 How SSH v1 Works Example Host Identification The SSH client sends a connection request to the SSH server. The server identifies itself with a host key. The client encrypts a randomly generated session key with the host key and server key and sends the result back to the server. -
Page 134: Requirements For Using Ssh
Chapter 13 System 13.5.3 Requirements for Using SSH You must install an SSH client program on a client computer (Windows or Linux operating system) that is used to connect to the NWA over SSH. 13.5.4 Configuring SSH Click Configuration > System > SSH to open the following screen. Use this screen to configure your NWA’s Secure Shell settings. - Page 135 Chapter 13 System Launch the SSH client and specify the connection information (IP address, port number) for the NWA. Configure the SSH client to accept connection using SSH version 1. A window displays prompting you to store the host key in you computer. Click Yes to continue. Figure 84 SSH Example 1: Store Host Key Enter the password to log in to the NWA.
-
Page 136: Telnet
Chapter 13 System The CLI screen displays next. 13.6 Telnet You can use Telnet to access the NWA’s command line interface. Click Configuration > System > TELNET to configure your NWA for remote Telnet access. Use this screen to enable or disable Telnet and set the server port number. -
Page 137: Snmp
Chapter 13 System Figure 88 Configuration > System > FTP The following table describes the labels in this screen. Table 64 Configuration > System > FTP LABEL DESCRIPTION Enable Select the check box to allow or disallow the computer with the IP address that matches the IP address(es) in the Service Control table to access the NWA using this service. -
Page 138: Supported Mibs
Chapter 13 System Figure 89 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the NWA). An agent translates the local management information from the managed device into a form compatible with SNMP. -
Page 139: Snmp Traps
Chapter 13 System is to let administrators collect statistical data and monitor status and performance. You can download the NWA’s MIBs from www.zyxel.com. 13.8.2 SNMP Traps The NWA will send traps to the SNMP manager when any one of the following events occurs. Table 65 SNMP Traps OBJECT LABEL OBJECT ID... -
Page 140: Adding Or Editing An Snmpv3 User Profile
Chapter 13 System Table 66 Configuration > System > SNMP (continued) LABEL DESCRIPTION Trap Community Type the trap community, which is the password sent with each trap to the SNMP manager. The default is public and allows all requests. Destination Type the IP address of the station to send your SNMP traps to. - Page 141 Chapter 13 System The following table describes the labels in this screen. Table 67 Configuration > System > SNMP LABEL DESCRIPTION User Name Select the user name of the user account for which this SNMPv3 user profile is configured. Authentication Select the type of authentication the SNMPv3 user must use to connect to the NWA using this SNMPv3 user profile.
-
Page 142: Log And Report
HAPTER Log and Report 14.1 Overview Use the system screens to configure daily reporting and log settings. 14.1.1 What You Can Do In this Chapter • The Email Daily Report screen (Section 14.2 on page 142) configures how and where to send daily reports and what reports to send. - Page 143 Chapter 14 Log and Report Figure 92 Configuration > Log & Report > Email Daily Report The following table describes the labels in this screen. Table 68 Configuration > Log & Report > Email Daily Report LABEL DESCRIPTION Enable Email Select this to send reports by e-mail every day.
-
Page 144: Log Setting
Chapter 14 Log and Report Table 68 Configuration > Log & Report > Email Daily Report (continued) LABEL DESCRIPTION Mail From Type the e-mail address from which the outgoing e-mail is delivered. This address is used in replies. Mail To Type the e-mail address (or addresses) to which the outgoing e-mail is delivered. - Page 145 Chapter 14 Log and Report Figure 93 Configuration > Log & Report > Log Setting The following table describes the labels in this screen. Table 69 Configuration > Log & Report > Log Setting LABEL DESCRIPTION Edit Double-click an entry or select it and click Edit to open a screen where you can modify the entry’s settings.
-
Page 146: Edit System Log Settings
Chapter 14 Log and Report 14.3.2 Edit System Log Settings This screen controls the detailed settings for each log in the system log (which includes the e-mail profiles). Select a system log entry in the Log Setting screen and click the Edit icon. Figure 94 Configuration >... - Page 147 Chapter 14 Log and Report The following table describes the labels in this screen. Table 70 Configuration > Log & Report > Log Setting > Edit System Log Setting LABEL DESCRIPTION E-Mail Server 1/2 Active Select this to send log messages and alerts according to the information in this section.
-
Page 148: Edit Remote Server
Chapter 14 Log and Report Table 70 Configuration > Log & Report > Log Setting > Edit System Log Setting (continued) LABEL DESCRIPTION E-mail Server 2 Use the E-Mail Server 2 drop-down list to change the settings for e-mailing logs to e-mail server 2 for all log categories. - Page 149 Chapter 14 Log and Report Figure 95 Configuration > Log & Report > Log Setting > Edit Remote Server NWA5120 Series User’s Guide...
-
Page 150: Active Log Summary
Chapter 14 Log and Report The following table describes the labels in this screen. Table 71 Configuration > Log & Report > Log Setting > Edit Remote Server LABEL DESCRIPTION Log Settings for Remote Server Active Select this check box to send log information according to the information in this section. You specify what kinds of messages are included in log information in the Active Log section. - Page 151 Chapter 14 Log and Report Figure 96 Active Log Summary This screen provides a different view and a different way of indicating which messages are included in each log and each alert. (The Default category includes debugging messages generated by open source software.) NWA5120 Series User’s Guide...
- Page 152 Chapter 14 Log and Report The following table describes the fields in this screen. Table 72 Configuration > Log & Report > Log Setting > Active Log Summary LABEL DESCRIPTION Active Log If the NWA is set to controller mode, the AC section controls logs generated by the Summary controller and the AP section controls logs generated by the managed APs.
- Page 153 Chapter 14 Log and Report Table 72 Configuration > Log & Report > Log Setting > Active Log Summary (continued) LABEL DESCRIPTION E-mail Server 1 Select whether each category of events should be included in the log messages when it is E-mail e-mailed (green check mark) and/or in alerts (red exclamation point) for the e-mail settings specified in E-Mail Server 1.
-
Page 154: File Manager
HAPTER File Manager 15.1 Overview Configuration files define the NWA’s settings. Shell scripts are files of commands that you can store on the NWA and run when you need them. You can apply a configuration file or run a shell script without the NWA restarting. -
Page 155: Configuration File
Chapter 15 File Manager While configuration files and shell scripts have the same syntax, the NWA applies configuration files differently than it runs shell scripts. This is explained below. Table 73 Configuration Files and Shell Scripts in the NWA Configuration Files (.conf) Shell Scripts (.zysh) •... - Page 156 Chapter 15 File Manager configuration files from the NWA to your computer and upload configuration files from your computer to the NWA. Once your NWA is configured and functioning properly, it is highly recommended that you back up your configuration file before making further configuration changes. The backup configuration file will be useful in case you need to return to your previous settings.
- Page 157 Chapter 15 File Manager The following table describes the labels in this screen. Table 74 Maintenance > File Manager > Configuration File LABEL DESCRIPTION Rename Use this button to change the label of a configuration file on the NWA. You can only rename manually saved configuration files.
- Page 158 Chapter 15 File Manager Table 74 Maintenance > File Manager > Configuration File (continued) LABEL DESCRIPTION Apply Use this button to have the NWA use a specific configuration file. Click a configuration file’s row to select it and click Apply to have the NWA use that configuration file.
-
Page 159: Example Of Configuration File Download Using Ftp
Chapter 15 File Manager Table 74 Maintenance > File Manager > Configuration File (continued) LABEL DESCRIPTION File Name This column displays the label that identifies a configuration file. You cannot delete the following configuration files or change their file names. The system-default.conf file contains the NWA’s default settings. -
Page 160: Firmware Package
Chapter 15 File Manager Use "get” to download files. Transfer the configuration file on the NWA to your computer. Type get followed by the name of the configuration file. This examples uses get startup-config.conf. C:\>ftp 192.168.1.2 Connected to 192.168.1.2. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 1 of 5 allowed. - Page 161 Chapter 15 File Manager Figure 98 Maintenance > File Manager > Firmware Package The following table describes the labels in this screen. Table 75 Maintenance > File Manager > Firmware Package LABEL DESCRIPTION Boot This is the version of the boot module that is currently on the NWA. Module Current This is the firmware version and the date created.
-
Page 162: Example Of Firmware Upload Using Ftp
Chapter 15 File Manager 15.3.1 Example of Firmware Upload Using FTP This procedure requires the NWA’s firmware. Download the firmware package from www.zyxel.com and unzip it. The firmware file uses a .bin extension, for example, "410AAHY1C0.bin". Do the following after you have obtained the firmware file. Connect your computer to the NWA. - Page 163 Chapter 15 File Manager Click Maintenance > File Manager > Shell Script to open this screen. Use the Shell Script screen to store, name, download, upload and run shell script files. You can store multiple shell script files on the NWA at the same time. Note: You should include write commands in your scripts.
- Page 164 Chapter 15 File Manager Table 76 Maintenance > File Manager > Shell Script (continued) LABEL DESCRIPTION This column displays the number for each shell script file entry. File Name This column displays the label that identifies a shell script file. Size This column displays the size (in KB) of a shell script file.
-
Page 165: Diagnostics
HAPTER Diagnostics 16.1 Overview Use the diagnostics screen for troubleshooting. 16.1.1 What You Can Do in this Chapter • The Diagnostics screen (Section 16.2 on page 165) generates a file containing the NWA’s configuration and diagnostic information if you need to provide it to customer support during troubleshooting. - Page 166 Chapter 16 Diagnostics Table 77 Maintenance > Diagnostics LABEL DESCRIPTION Collect Now Click this to have the NWA create a new diagnostic file. Download Click this to save the most recent diagnostic file to a computer. NWA5120 Series User’s Guide...
-
Page 167: Reboot
HAPTER Reboot 17.1 Overview Use this screen to restart the device. 17.1.1 What You Need To Know If you applied changes in the Web configurator, these were saved automatically and do not change when you reboot. If you made changes in the CLI, however, you have to use the write command to save the configuration before you reboot. -
Page 168: Shutdown
HAPTER Shutdown 18.1 Overview Use this screen to shutdown the device. Always use Maintenance > Shutdown > Shutdown or the shutdown command before you turn off the NWA or remove the power. Not doing so can cause the firmware to become corrupt. 18.1.1 What You Need To Know Shutdown writes all cached data to the local storage and stops the system processes. -
Page 169: Troubleshooting
HAPTER Troubleshooting 19.1 Overview This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LED • NWA Access and Login • Internet Access • Wireless Connections •... -
Page 170: Nwa Access And Login
Chapter 19 Troubleshooting If the problem continues, contact the vendor. 19.3 NWA Access and Login I forgot the IP address for the NWA. The default IP address (in standalone AP mode) is 192.168.1.2. If you changed the IP address and have forgotten it, you have to reset the device to its factory defaults. -
Page 171: Internet Access
Chapter 19 Troubleshooting • Try to access the NWA using another service, such as Telnet. If you can access the NWA, check the remote management settings to find out why the NWA does not respond to HTTP. • If your computer is connected wirelessly, use a computer that is connected to a LAN/ETHERNET port. -
Page 172: Wireless Connections
Chapter 19 Troubleshooting Make sure the NWA is connected to a broadband modem or router with Internet access and your computer is set to obtain an dynamic IP address. If you are trying to access the Internet wirelessly, make sure the wireless settings on the wireless client are the same as the settings on the NWA. - Page 173 Chapter 19 Troubleshooting Make sure the wireless LAN (wireless radio) is enabled on the NWA. Make sure the radio or at least one of the NWA’s radios is operating in AP mode. Make sure the wireless adapter (installed on your computer) is working properly. Make sure the wireless adapter (installed on your computer) is IEEE 802.11 compatible and supports the same wireless standard as the NWA’s active radio.
- Page 174 Chapter 19 Troubleshooting • PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses lowercase letters, uppercase letters and numerals to convert a binary PKCS#7 certificate into a printable form. • Binary PKCS#12: This is a format for transferring public key and private key certificates.The private key in a PKCS #12 file is within a password-encrypted envelope.
-
Page 175: Resetting The Nwa
Chapter 19 Troubleshooting In the Monitor > Wireless > AP Information > Radio List screen, there is no load balancing indicator associated with any APs assigned to the load balancing task. • Check to be sure that the AP profile which contains the load balancing settings is correctly assigned to the APs in question. -
Page 176: Appendix A Importing Certificates
PP EN D I X Importing Certificates This appendix shows you how to import public key certificates into your web browser. Public key certificates are used by web browsers to ensure that a secure web site is legitimate. When a certificate authority such as VeriSign, Comodo, or Network Solutions, to name a few, receives a certificate request from a website operator, they confirm that the web domain and contact information in the request match those on public record with a domain name registrar. - Page 177 Appendix A Importing Certificates If your device’s Web Configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. Click Continue to this website (not recommended). In the Address Bar, click Certificate Error > View certificates. NWA5120 Series User’s Guide...
- Page 178 Appendix A Importing Certificates In the Certificate dialog box, click Install Certificate. In the Certificate Import Wizard, click Next. NWA5120 Series User’s Guide...
- Page 179 Appendix A Importing Certificates If you want Internet Explorer to Automatically select certificate store based on the type of certificate, click Next again and then go to step 9. Otherwise, select Place all certificates in the following store and then click Browse. In the Select Certificate Store dialog box, choose a location in which to save the certificate and then click OK.
- Page 180 Appendix A Importing Certificates In the Completing the Certificate Import Wizard screen, click Finish. 10 If you are presented with another Security Warning, click Yes. 11 Finally, click OK when presented with the successful certificate installation message. NWA5120 Series User’s Guide...
- Page 181 Appendix A Importing Certificates 12 The next time you start Internet Explorer and go to a ZyXEL Web Configurator page, a sealed padlock icon appears in the address bar. Click it to view the page’s Website Identification information. Installing a Stand-Alone Certificate File in Internet Explorer Rather than browsing to a ZyXEL Web Configurator and installing a public key certificate when prompted, you can install a stand-alone certificate file if one has been issued to you.
- Page 182 Appendix A Importing Certificates Removing a Certificate in Internet Explorer This section shows you how to remove a public key certificate in Internet Explorer 7 on Windows XP. Open Internet Explorer and click Tools > Internet Options. In the Internet Options dialog box, click Content > Certificates. NWA5120 Series User’s Guide...
- Page 183 Appendix A Importing Certificates In the Certificates dialog box, click the Trusted Root Certificates Authorities tab, select the certificate that you want to delete, and then click Remove. In the Certificates confirmation, click Yes. In the Root Certificate Store dialog box, click Yes. The next time you go to the web site that issued the public key certificate you just removed, a certification error appears.
- Page 184 Appendix A Importing Certificates Firefox The following example uses Mozilla Firefox 2 on Windows XP Professional; however, the screens can also apply to Firefox 2 on all platforms. If your device’s Web Configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error.
- Page 185 Appendix A Importing Certificates Installing a Stand-Alone Certificate File in Firefox Rather than browsing to a ZyXEL Web Configurator and installing a public key certificate when prompted, you can install a stand-alone certificate file if one has been issued to you. Open Firefox and click Tools >...
- Page 186 Appendix A Importing Certificates In the Certificate Manager dialog box, click Web Sites > Import. Use the Select File dialog box to locate the certificate and then click Open. The next time you visit the web site, click the padlock in the address bar to open the Page Info > Security window to see the web page’s security information.
- Page 187 Appendix A Importing Certificates Open Firefox and click Tools > Options. In the Options dialog box, click Advanced > Encryption > View Certificates. NWA5120 Series User’s Guide...
- Page 188 Appendix A Importing Certificates In the Certificate Manager dialog box, select the Web Sites tab, select the certificate that you want to remove, and then click Delete. In the Delete Web Site Certificates dialog box, click OK. The next time you go to the web site that issued the public key certificate you just removed, a certification error appears.
-
Page 189: Appendix B Ipv6
PP EN D I X IPv6 Overview IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 10 addresses. - Page 190 Appendix B IPv6 Global Address A global address uniquely identifies a device on the Internet. It is similar to a “public IP address” in IPv4. A global unicast address starts with a 2 or 3. Unspecified Address An unspecified address (0:0:0:0:0:0:0:0 or ::) is used as the source address when a device does not have its own address.
- Page 191 Appendix B IPv6 Table 80 Reserved Multicast Address (continued) MULTICAST ADDRESS FF0A:0:0:0:0:0:0:0 FF0B:0:0:0:0:0:0:0 FF0C:0:0:0:0:0:0:0 FF0D:0:0:0:0:0:0:0 FF0E:0:0:0:0:0:0:0 FF0F:0:0:0:0:0:0:0 Subnet Masking Both an IPv6 address and IPv6 subnet mask compose of 128-bit binary digits, which are divided into eight 16-bit blocks and written in hexadecimal notation. Hexadecimal uses four bits for each character (1 ~ 10, A ~ F).
-
Page 192: Dhcp Relay Agent
Appendix B IPv6 combines its interface ID and global and subnet information advertised from the router. This is a routable global IP address. DHCPv6 The Dynamic Host Configuration Protocol for IPv6 (DHCPv6, RFC 3315) is a server-client protocol that allows a DHCP server to assign and pass IPv6 network addresses, prefixes and other configuration information to DHCP clients. - Page 193 Appendix B IPv6 such as the system name. The interface-ID option provides slot number, port information and the VLAN ID to the DHCPv6 server. The remote-ID option (if any) is stripped from the Relay-Reply messages before the relay agent sends the packets to the clients. The DHCP server copies the interface-ID option from the Relay-Forward message into the Relay-Reply message and sends it to the relay agent.
- Page 194 Appendix B IPv6 determine whether the destination address is on-link and can be reached directly without passing through a router. If the address is onlink, the address is considered as the next hop. Otherwise, the NWA determines the next-hop from the default router list or routing table. Once the next hop IP address is known, the NWA looks into the neighbor cache to get the link-layer address and sends the packet when the neighbor is reachable.
- Page 195 Appendix B IPv6 Example - Enabling IPv6 on Windows XP/2003/Vista By default, Windows XP and Windows 2003 support IPv6. This example shows you how to use the ipv6 install command on Windows XP/2003 to enable IPv6. This also displays how to use the ipconfig command to see auto-generated IP addresses.
- Page 196 Appendix B IPv6 Click Start and then OK. Now your computer can obtain an IPv6 address from a DHCPv6 server. Example - Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default. DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer.
- Page 197 Appendix B IPv6 Click Close to exit the Local Area Connection Status screen. Select Start > All Programs > Accessories > Command Prompt. Use the ipconfig command to check your dynamic IPv6 address. This example shows a global address (2001:b021:2d::1000) obtained from a DHCP server. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection:...
-
Page 198: Appendix C Customer Support
• Brief description of the problem and the steps you took to solve it. Corporate Headquarters (Worldwide) Taiwan • ZyXEL Communications Corporation • http://www.zyxel.com Asia China • ZyXEL Communications (Shanghai) Corp. ZyXEL Communications (Beijing) Corp. ZyXEL Communications (Tianjin) Corp. • http://www.zyxel.cn India • ZyXEL Technology India Pvt Ltd • http://www.zyxel.in Kazakhstan •... - Page 199 • ZyXEL Singapore Pte Ltd. • http://www.zyxel.com.sg Taiwan • ZyXEL Communications Corporation • http://www.zyxel.com Thailand • ZyXEL Thailand Co., Ltd • http://www.zyxel.co.th Vietnam • ZyXEL Communications Corporation-Vietnam Office • http://www.zyxel.com/vn/vi Europe Austria • ZyXEL Deutschland GmbH • http://www.zyxel.de Belarus • ZyXEL BY • http://www.zyxel.by...
- Page 200 Appendix C Customer Support Belgium • ZyXEL Communications B.V. • http://www.zyxel.com/be/nl/ Bulgaria • ZyXEL България • http://www.zyxel.com/bg/bg/ Czech • ZyXEL Communications Czech s.r.o • http://www.zyxel.cz Denmark • ZyXEL Communications A/S • http://www.zyxel.dk Estonia • ZyXEL Estonia • http://www.zyxel.com/ee/et/ Finland • ZyXEL Communications •...
- Page 201 • ZyXEL Communications Poland • http://www.zyxel.pl Romania • ZyXEL Romania • http://www.zyxel.com/ro/ro Russia • ZyXEL Russia • http://www.zyxel.ru Slovakia • ZyXEL Communications Czech s.r.o. organizacna zlozka • http://www.zyxel.sk Spain • ZyXEL Spain • http://www.zyxel.es Sweden • ZyXEL Communications • http://www.zyxel.se Switzerland •...
- Page 202 Ecuador • ZyXEL Communication Corporation • http://www.zyxel.com/ec/es/ Middle East Egypt • ZyXEL Communication Corporation • http://www.zyxel.com/homepage.shtml Middle East • ZyXEL Communication Corporation • http://www.zyxel.com/homepage.shtml North America • ZyXEL Communications, Inc. - North America Headquarters • http://www.us.zyxel.com/ NWA5120 Series User’s Guide...
- Page 203 Appendix C Customer Support Oceania Australia • ZyXEL Communications Corporation • http://www.zyxel.com/au/en/ Africa South Africa • Nology (Pty) Ltd. • http://www.zyxel.co.za NWA5120 Series User’s Guide...
-
Page 204: Appendix D Legal Information
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved. - Page 205 Appendix D Legal Information IC Radiation Exposure Statement This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment. End users must follow the specific operating instructions for satisfying RF exposure compliance. 率 輻 理 率 不 更...
-
Page 206: Regulatory Information
Appendix D Legal Information Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com. Open Source Licenses This product contains in part some free software distributed under GPL license terms and/or GPL like licenses. Open source licenses are provided with the firmware package. - Page 207 Appendix D Legal Information [Norwegian] Erklærer herved ZyXEL at dette utstyret er I samsvar med de grunnleggende kravene og andre relevante bestemmelser I direktiv 1999/5/EF. [Romanian] Prin prezenta, ZyXEL declară că acest echipament este în conformitate cu cerinţele esenţiale şi alte prevederi relevante ale Directivei 1999/5/EC.
-
Page 208: Safety Warnings
Appendix D Legal Information List of national codes COUNTRY ISO 3166 2 LETTER CODE COUNTRY ISO 3166 2 LETTER CODE Austria Malta Belgium Netherlands Cyprus Poland Czech Republic Portugal Denmark Slovakia Estonia Slovenia Finland Spain France Sweden Germany United Kingdom Greece Iceland Hungary... - Page 209 Appendix D Legal Information Environmental Product Declaration NWA5120 Series User’s Guide...
-
Page 210: Index
Index Index Certificate Management Protocol (CMP) Symbols Certificate Revocation List (CRL) vs OCSP certificates advantages of and CA and FTP and HTTPS access and SSH and WWW access privileges certification path 101, 109, 114 access users expired see also users factory-default admin users file formats... - Page 211 Index configuration files dual-radio application at restart dynamic channel selection backing up downloading downloading with FTP editing how applied lastgood.conf e-mail 156, 159 managing daily statistics report startup-config.conf encryption startup-config-bad.conf syntax ESSID system-default.conf Extended Service Set IDentification uploading uploading with FTP use without restart contact information Control and Provisioning of Wireless Access Points...
- Page 212 Index over SSL, see HTTPS permissions redirect to HTTPS JavaScripts vs HTTPS HTTPS and certificates authenticating clients avoiding warning messages key pairs example vs HTTP with Internet Explorer with Netscape Navigator HyperText Transfer Protocol over Secure Socket Layer, see HTTPS lastgood.conf 156, 159 layer-2 isolation...
- Page 213 Index Management Mode CAPWAP and DHCP CAPWAP and IP Subnets packet managed AP statistics standalone mode physical ports management mode packet statistics managing the device pop-up windows good habits power off using FTP. See FTP. power on MBSSID product registration memory usage 32, 34 Public-Key Infrastructure (PKI)
- Page 214 Index Rivest, Shamir and Adleman public-key algorithm for secure Telnet (RSA) how connection is established root AP versions with Linux 106, 109, 115 with Microsoft Windows RSSI threshold SSID SSID profile pre-configured SSID profiles SCEP (Simple Certificate Enrollment Protocol) starting the device screen resolution startup-config.conf Secure Socket Layer, see SSL...
- Page 215 Index upgrading warm start firmware warning message popup uploading warranty configuration files note firmware 11, 15 shell scripts Web Configurator 16, 19 usage access 32, 34 requirements flash supported browsers memory 32, 34 web configurator onboard flash WEP (Wired Equivalent Privacy) Wi-Fi Protected Access user authentication wireless channel...