Manuale d’uso / di manutenzione del prodotto WDAP-2000PE del fabbricante Planet
Vai alla pagina of 53
54/108Mbps Super A+G Wireless Access Point WDAP-2000PE User’s Manual.
Copyright Copyright © 2005 by PLANET Technology Corp. All rights reserved. No part of this publica- tion may be reproduced, transmitted, transcribed, stored in a retr ieval system, or translated into.
Safety This equipment is designed with t he utmost care for the safety of those w ho install and use it. However, special attention must be paid to the dangers of electric shock and static electricity when w orking w ith electrical equipment.
T ABLE OF C ONTENTS CHAPTER 1 INTRODUCTION ......................................................................... 3 1.1 Package Contents .......................................................................................... 3 1.2 Features .....
4.5.6 Grant Remote Access for Users ........................................................... 40 4.6 802.1x Client Setup on Window s XP .......................................................... 41 4.6.1 Client Certificate Setup ....................
Chapter 1 Introduction PLANET WDAP-2000PE is an IEEE 802.11a+g dual band Wireless Ac- cess Point with PoE. With the latest i nnovative Super A/G te chnology integrated, the maximum data rate of WDAP-2000PE is 108Mbps, which doubles the speed of standard 802.
1.3 Physical Details T op View LED Status Description POWER PWR Steady Green – Power on OFF – Power off Link/A ct Steady Green - Link is active Flashing Green - T ransmit or receive data OFF - No .
Installation Rear View Connector Description ANT T wo dipole antennas are supplied. Best result is usually obtained with the antenna in a vertical position. Pow er Connect the supplied power adapter here. Reset Button In order to clear ALL settings and restore to factory default, holding the Reset Button down continuously for 5 seconds.
Management Web based configuration CLI configuration Message Log Firmware upgrade UPnP support Configuration file Backup/Restore Super A/G mode Up to 108Mbps 802.
Installation 2 Chapter 2 Inst allation 2.1 General Installation Before you proceed w ith the installation, it is necessary that y ou have enough information about the WDAP-2000PE.
3 Chapter 3 Setup & Management 3.1 Overview This chapter describes the setup procedure to make the WDAP-2000PE a valid device on your LAN, and to function as an Access Point for your Wireless Stations. The WDAP-2000PE can be configured using either the Web Browser or the CLI (Command Line Interface).
If you can't connect: It is likely that your PC’s IP address is incompatible w ith the WDAP-2000PE’s IP address. The default IP address of the Wire less Access Point is 192.
A ssign static IP to this device If selected, the followi ng data must be entered. • IP A ddress - The IP Address of this device. Enter an unused IP address from the address range on your LAN. • Subnet Mask - The Netw ork Mask associated with the IP Address above.
Netw ork ID (SSID) The SSID (up to 32 printable ASCII characters) is the unique name identified in a WLAN. The ID prevents the unintentional merging of two co-located WLANs. Please make sure that the SSID of all stations in the same WLAN netwo rk are the same.
rity Policy connect to your netw ork. WEP: WDAP-2000PE allows you to use WEP data encry ption to secure your data from bei ng eavesdropping by unauthorized users. There are WEP64, WEP128 and WEP152 provided for data encryption. You can either use ASCII format or Hex format to enter a key.
3.4 Device Status You can monitor the system general information from the Dev ice Information field. 3.4.1 System Log The system log allows y ou to track events that have occurred in the system. Such event mes- sages can sometimes be helpful in determining the cause of a problem that you may have encountered.
3.4.3 Bridge Table The bridge table shows all MAC entries learned from the wired LAN interface, w ireless clients, and WDS peers (if running in the WDS mode).
3.4.4 Radio Table Radio table lists current Mode, channel, client associated wi th them and transmit packet, re- ceived packet, data error. 3.4.5 Site Survey Table This page shows other APs currently in t he environment that t he system can detect.
3.5 Advanced Settings The advanced settings tab contains more confi gurations for experienced users. However, changing your login passw ord from the default factory setting is highly recommended for secu- rity purposes. 3.5.1 Password Settings The default administrative password is “ passwo rd ”.
Local Management This option allows you to enabl e/disable management from WLAN connection. System A dministration The Access Point allows you to designate special port numbers other than the standard 80 for http for remote management. It also allows y ou to specify the duration of idle time (inactivity) before a web brow ser session times out.
Bridge You can enable/disable the 802. 1d STP (Spanning Tr ee Protocol) function on the bridge of WLAN and Ethernet (i.e. the LAN inter- face). Enable this function can detect loops in your LAN environment and then prot ect the LAN from being saturated with infinite loop traffic.
are enabled, the device can s end out TRAP messages automati- cally to the TRAP manager if configured. A ssign System Informa- tion System Name: A name that you assign to y our WDAP-2000PE. It is an alphanumeric string of up to 30 characters. System Location: Description of where y our WDAP-2000PE is physically located.
Disable MAC address control list When selected, no MAC address filtering will be performed. Enable GRANT address control list When selected, data traffic from onl y the specified devices in the table will be allow ed in the netw ork.
Enable VLA N for all SSIDs Once this function is enabled, you can specify an individual VLAN ID and priority tag for each SSID. In this w ay, you can separate traffic from stations using differ ent SSIDs and so protect the wired network from being accessed by unauthorized stations using certain SSIDs.
Select security policy Configure the security policy for the SSID. 3.5.6 Wireless Settings Beacon interval The WDAP-2000PE broadcasts beacon frames regularly to announce its existence. Default is 100, i.e., ten beacons per second. Decreasing the beacon interval makes passive scanning more reliable and faster.
Fragmentation When the size of a unicast fr ame exceeds t he fragmentation threshold, it will be fragmented before the transmission. It should have a value of 256-2346 bytes, w ith a default of 2346 . If you experience a high packet error rate, you should slightly decrease the Fragmentation Threshold.
ure WDS devices. A ccess Point This means the device is working on AP-only Mode, and is for wireless client users only . Wireless Distribution System (Bridge mode ) This mode can help you to group different wired netw orks to- gether by multiple WDAP-2000PE.
Enable Primary/Seconda ry Server Check this if you w ant to enabl e RADIUS authentic ation using the primary/secondary Radius Server . If both are selected, the pri- mary server w ill be tried first. Server IP The IP address of the RADIUS server. Port number The port number that your RADI US server uses for authentica- tion.
Ping flooding filtering When the ping (to the AP) traffi c reaches the configured degree (e.g. High, Low), any more such ping packets will be dropped. Higher degree allows less ping traffic to the AP.
3.6 System Tools 3.6.1 Firmware Upgrade You can upgrade the firmware of y our WDAP-2000PE. Normally, this is done w hen a new version of firmware is released.
3.6.2 Configuration Save and Restore You can save system configuration settings to a file, and later dow nload it back to the WDAP- 2000PE by follow ing the steps below.
3.6.3 Factory Default You can reset the configuration of your WDAP-2000PE to the factory default settings. Step 1: Select Factory Default from the Sys tem Tools menu. Step 2: Click YES to go ahead and restore the configur ation to the factory default.
Chapter 4 PC and Server Configuration 4.1 Overview All Wireless Stations need to have settings which match the Wireless Access Point. These settings depend on the mode in which the WDAP-2000PE is being used.
Security • The Pre-shared Key entered on the WDAP-2000PE must also be entered on each Wireless client. • The Encryption method (e.g. TKIP, AES) must be set to match the WDAP-2000PE. 4.4 Using WPA This is the most secure and most complex system. WPA mode provides greater security and centralized management, but it is more complex to configure.
• rras • webserver (IIS) • Radius Server (Internet Authentication Service) • Certificate Authority 4.5.1 Windows 2000 Domain Controller Setup 1. Run dcpromo.exe from the command prompt. 2. Follow all of the default prompts, ens ure that DNS is installed and enabled during installation.
6. Enter the information for the Certificate Authority, and click Next . 7. Click Next if you don't want to change t he CA's configuration data. 8. Installation will warn you that Internet Information Services are running, and must be stopped before continuing.
3. Click Next when the New Scope Wizard Begins. 4. Enter the name and description for the scope, click Next . 5. Define the IP address range. Change the subnet mask if necessary. Click Next . 6. Add exclusions in the address fields if required. If no exclusions are required, leave it blank.
11. If you don't want a WINS server, just click Next . 12. Select Yes, I want to activate this scope now . Click Next , then Finish . 13. Right-click on the server, and select Authorize . It may take a few minutes to complete. 4.5.4 Certificate Authority Setup 1.
4. Select Start - Programs - Administrative Tools - Active Directory Users and Com- puters . 5. Right-click on your active directory domain, and select Properties.
7. Select Computer Configuration - Windows Settings - Security Settings - Public Key Policies , right-click Automatic Certificate Request Settings - New - Automatic Certificate Request . 8. When the Certificate R equest Wizard appears, click Next . 9.
10. Ensure that your certificat e authority is checked, then click Next . 11. Review the policy change information and click Finish . 12. Click Start - Run , type cmd and press enter. Enter secedit /refreshpolicy machine_policy This command may take a few minutes to take effect.
9. Click Permitted , then OK . Select Next . 10. Select Grant remote access permission . Click Next . 11. Click Edit Profile... and select the Authentication tab. Enable Extensible Authenti- cation Protocol , and select Smart Card or other Certificate .
3. Select the Dial-in tab, and enable Allow access . Click OK . 4.6 802.1x Client Setup on Windows XP Windows XP ships with a complete 802.1x client implementation. If using Windows 2000, you can install SP4 (Service Pack 4) to gain the same functionality.
4. On the first screen (below), select Request a certificate , click Next . 5. Select User certificate request and select User Certificate , the click Next .
6. Click Submit . 7. A message will be displayed, then the certificate will be returned to you. Click Install this certificate . 43.
8. . You will receive a confirmation message. Click Yes . 9. Certificate setup is now complete. 4.6.2 802.1x Authentication Setup 1. Open the properties for the wireless connection, by selecting Start - Control Panel - Network Connections. 2. Right Click on the Wireless Network Connection , and select Properties .
Encryption Settings The Encryption settings must match t he APs (WDAP-2000PE) on the Wireless net- work you want to join. • Windows XP will detect any available Wirele ss networks, and allow you to config- ure each network independently. • Your network administrator can advise you of the correct settings for each net- work.
2. Select the wireless network from the Available Networks list, and click Configure . 3. Select and enter the correct values, as advised by your Network Administrator. For example, to use EAP-TLS, you would enable Data encryption , and click the checkbox for the setting: The key is provided for me automatically , as shown be- low.
4.7 Using 802.1x Mode The procedures are similar to using 802.1x. The only difference is that on your client, you must NOT enable the setting: The key is provided for me automatically . Instead, you must enter the WEP key m anually, ensuring it matches the WEP key used on the Access Point.
A Appendix A T roubleshooting Problem 1: Can't connect to the WDAP-2000PE to configure it. Solution 1: Check the following: • The WDAP-2000PE is properly inst alled, LAN connections are OK, and it is powered ON. Che ck the LEDs for port status.
Appendix B Command Line Interface If desired, the Command Line Interface (CLI) can be used for configurati on. This creat possibility of creating scripts to perform common configuration changes. es the B Using the CLI - Telnet 1. Start your Telnet client, and es tablish a connection to the WDAP-2000PE.
Description: Set the HTTP server port (f or device management) to the one specified. set http timeout <timeout value in minutes, 1-60> Description: Set the timeout val ue for the HTTP management session. set prompt <string up to 15 ch aracters> Description: Set the command line prompt.
show snmp statistics Description: Display the cu rrent SNMP statistics. show trap manager [<string u p to 30 characters>] Description: Display the settings of the s pecified SNMP trap manager. If no trap manager is specified, this command displays the settings of all trap managers.
Un punto importante, dopo l’acquisto del dispositivo (o anche prima di acquisto) è quello di leggere il manuale. Dobbiamo farlo per diversi motivi semplici:
Se non hai ancora comprato il Planet WDAP-2000PE è un buon momento per familiarizzare con i dati di base del prodotto. Prime consultare le pagine iniziali del manuale d’uso, che si trova al di sopra. Dovresti trovare lì i dati tecnici più importanti del Planet WDAP-2000PE - in questo modo è possibile verificare se l’apparecchio soddisfa le tue esigenze. Esplorando le pagine segenti del manuali d’uso Planet WDAP-2000PE imparerai tutte le caratteristiche del prodotto e le informazioni sul suo funzionamento. Le informazioni sul Planet WDAP-2000PE ti aiuteranno sicuramente a prendere una decisione relativa all’acquisto.
In una situazione in cui hai già il Planet WDAP-2000PE, ma non hai ancora letto il manuale d’uso, dovresti farlo per le ragioni sopra descritte. Saprai quindi se hai correttamente usato le funzioni disponibili, e se hai commesso errori che possono ridurre la durata di vita del Planet WDAP-2000PE.
Tuttavia, uno dei ruoli più importanti per l’utente svolti dal manuale d’uso è quello di aiutare a risolvere i problemi con il Planet WDAP-2000PE. Quasi sempre, ci troverai Troubleshooting, cioè i guasti più frequenti e malfunzionamenti del dispositivo Planet WDAP-2000PE insieme con le istruzioni su come risolverli. Anche se non si riesci a risolvere il problema, il manuale d’uso ti mostrerà il percorso di ulteriori procedimenti – il contatto con il centro servizio clienti o il servizio più vicino.