Gateway 7001 Series manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218

Ir a la página of

Buen manual de instrucciones

Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones Gateway 7001 Series. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica Gateway 7001 Series o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.

¿Qué es un manual de instrucciones?

El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual Gateway 7001 Series se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.

Desafortunadamente pocos usuarios destinan su tiempo a leer manuales Gateway 7001 Series, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.

Entonces, ¿qué debe contener el manual de instrucciones perfecto?

Sobre todo, un manual de instrucciones Gateway 7001 Series debe contener:
- información acerca de las especificaciones técnicas del dispositivo Gateway 7001 Series
- nombre de fabricante y año de fabricación del dispositivo Gateway 7001 Series
- condiciones de uso, configuración y mantenimiento del dispositivo Gateway 7001 Series
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas

¿Por qué no leemos los manuales de instrucciones?

Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de Gateway 7001 Series no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de Gateway 7001 Series y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico Gateway en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de Gateway 7001 Series, como se suele hacer teniendo una versión en papel.

¿Por qué vale la pena leer los manuales de instrucciones?

Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo Gateway 7001 Series, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.

Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual Gateway 7001 Series. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.

Índice de manuales de instrucciones

  • Página 1

    U ser Guide Gatewa y 7001 Ser ies Acc ess P oint[...]

  • Página 2

    i www .gate wa y .com Co n t e n t s 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Overview of the G ateway 7001 Series of self-m anaged AP s . . . . . . . . . . . . . . . . . . . . . . . . 2 Features a nd benef its . . . . . . . . . . . . . . . . . . . . . .[...]

  • Página 3

    ii www .gate way . com Cluster mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Standalo ne mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 4 Cluster formation . . . . . . . . . . . . . . . . . . . . . . . . . [...]

  • Página 4

    iii www .gate wa y .com Enablin g or disa bling a network time p rotocol (NTP) se rver . . . . . . . . . . . . . . . . . . . . 79 Configu ring network security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Understandi ng securi ty issues o n wireless networks . . . . . . . . . . . . . . . . . . .[...]

  • Página 5

    iv www .gate way . com A Glossa ry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 B Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 7 C Safety, R egulatory, and Legal Information . . . . [...]

  • Página 6

    Chapter 1 1 Introduc tion ■ Features and benefits ■ Netwo rking ■ Maintainability ■ Default settin gs and supported administrator/client platforms[...]

  • Página 7

    2 ww w . g at eway . c om Ov er view of the Gate wa y 7001 Series of self-managed AP s The Gateway 7001 Series of self-m anaged APs (access po ints) provide conti nuous, high-speed acc ess between your wi reless and Ethernet dev ices. They are advanced, turnkey solutions for wireless networking in sma ll and medium-sized busine sses. The Gateway 70[...]

  • Página 8

    3 www .gate wa y .com F eatures and benefits IEEE st andards supp or t an d Wi-Fi compliance ■ Support f o r IEEE 802.1 1a, 802.11b, and 802.11 g wireless networking standa rd s (depending on model) ■ Provides bandwid th of up to 54 Mbps for 802.1 1a or 802.11g (11 Mbps for 80 2.11b, 108 Mbps for 8 02.11a T urbo) ■ W i-Fi certified Wireless f[...]

  • Página 9

    4 ww w . g at eway . c om Out- of-th e-Box guest inter f ace ■ Unique network name (SSID ) for the Guest interface ■ Captive portal to guide guests to custom ized, guest-only W eb page ■ VLAN and dual Ethernet options Clusteri ng and auto-managem ent ■ Automatic setup with K ickstart. ■ Provisioning and p lug-and-play through automat ic c[...]

  • Página 10

    5 www .gate wa y .com Defaul t settings and supported administra tor/client pla tforms Before you plug in and boot a new access poin t, review the following sections for a quick check of required hardware co mponents, softwa re, client confi gurations, and compatibility issues. Make sure you have everything you need ready to go for a successful lau[...]

  • Página 11

    6 ww w . g at eway . c om P assw ord admin “Provid ing administr ator pass word an d wireless netwo r k name ” on page 32 “Configu ring security settin gs on wirele ss client s” on page 121 Network Nam e (SSID) “Gate wa y 7001 AP Netw ork” for th e Internal interf ace “Gate wa y 7001 AP Guest Netwo rk” for the Guest in terface “Re[...]

  • Página 12

    7 www .gate wa y .com IEEE 802.11 M ode 802.11g pr 8 02.11a+g “Co nfig uri ng rad io settings ” on page 104 802.11g C hannel A uto “Co nfig uri ng rad io settings ” on page 104 Beacon Inte r val 100 “Co nfig uri ng rad io settings ” on page 104 DTIM P erio d 2 “Co nfig uri ng rad io settings ” on page 104 F ragme ntation Threshold 2[...]

  • Página 13

    8 ww w . g at eway . c om Wha t the access poin t does not pro vide The Gateway 7001 S e ries self-mana ged AP is no t designed to function as a gateway to the Internet. T o connect your LAN to other LANs or the Internet, you need a gateway device, such as a rou ter or a sw itch. MA C Filtering Allow an y station unless in li st “Controll ing acc[...]

  • Página 14

    9 www .gate wa y .com A dministra tor ’ s c omputer Configuratio n and administratio n of the Gateway 7001 Series self-managed AP is accomplished w ith the K ic kStar t utility (which you run from the CD ) and through a W eb-based user interface (UI). The following table describes the minimum r equirements for the administrator’ s computer . Re[...]

  • Página 15

    10 ww w . g at eway . c om Kic kStar t Wizard on CD Y ou can run the KickSta r t CD on an y laptop or compute r that is connec ted to the access point (through Wired or Wireles s connec tion). It dete cts Gatew ay 7001 Series se lf-managed APs on th e ne twor k. Th e wiz ard step s you th roug h in itia l co nfigu ratio n of new a ccess poin ts, an[...]

  • Página 16

    11 www .gate wa y .com W ireless client c omput ers The Gateway 7001 Series self-mana ged AP provides wirel e ss acce ss to any client with a correctly configured W i-Fi client adapter for the 802.11 mo de in which the access point is running. Multiple client operating systems are suppor ted. Clients can be laptops or desktops, personal digita l as[...]

  • Página 17

    12 ww w . g at eway . c om Understanding dynamic and static IP addressing Gateway 7001 Series self-managed APs ar e built t o auto-configure, with very little se tup required for the first access point and no configuration required for additional access points subsequently joining a preconfigured cluster . How does the access poi nt obtain an IP ad[...]

  • Página 18

    13 www .gate wa y .com Sta tic IP addressing The Gateway 7001 Series self-mana ged AP ships with a defa ult Static IP Address o f 192.168.1.1. ( See the default set tings for the AP in “Gateway 7 001 Seri es self-m anage d AP” on page 5 .) If no DHCP ser ver is found on the network, the AP retains this static IP address at first-time st a rtup.[...]

  • Página 19

    14 ww w . g at eway . c om[...]

  • Página 20

    Chapter 2 15 Quick Setup ■ Unpacking the access p o int ■ Connecting the access point to network and p ower ■ T urning on the access point ■ Running KickStart to find acces s points and assign IP addresses ■ Configuring bas ic settings and starting the wireless network[...]

  • Página 21

    16 ww w . g at eway . c om Setting up th e access point Set ting up an d depl oying one or mor e Gatewa y 7001 Series self-managed APs is in effect creating and launching a wireles s network . The KickStart W izard and corresponding Basic Settings Administra tion W e b page simplify thi s process. Here is a step-by-step guide to setting up your Gat[...]

  • Página 22

    17 www .gate wa y .com Wh at’ s inside the acc ess poin t? An access point is a single-purpose c omputer designed to functi on as a wireless hub. Inside the access point is a W i-Fi radio system, a mi croprocessor , and sometimes a mini- PC card. The access point boo ts from FlashROM that contains firmware with the c onfigurable, runtime features[...]

  • Página 23

    18 ww w . g at eway . c om C onnec ting the a cc ess point to netw ork and po wer The next step is to set up the network and power connections. T o set up the network and power connections: 1 Connect one end of an Ethernet cable to the network port on the access point and the other end to the s a me hub where your computer is co nnec ted. OR - Conn[...]

  • Página 24

    19 www .gate wa y .com 2 Connect the power adapter to the power port on the back of the access point, then plug the other end of the power cord into a power outlet (preferably , using a surge protect or). Setting up connections for a guest net w ork The Gateway 7001 Series self-managed AP offers an out-of-the- bo x Guest Interface that lets you con[...]

  • Página 25

    20 ww w . g at eway . c om Hardw are conn ec tions f or a phy sically separ ate guest ne twork If you plan to configure a p hysically separa te guest network, you need to set up your network connections differently a t this point. The Gateway 7001 S e ries self-mana ged AP ships with an extra network port to support configuration of a physically se[...]

  • Página 26

    21 www .gate wa y .com Run the KickStart CD on a laptop or computer that is connected to the same network as your access points and use it to step through the discovery process. Important K eep in min d that Kic kStar t (and the other Gate wa y adminis tration tools ) recogniz es and confi gures only Gate wa y 7001 Series sel f-managed APs . KickSt[...]

  • Página 27

    22 ww w . g at eway . c om T o run KickStart: 1 Insert the KickSt a rt W izard CD into the CD drive on yo ur computer . If the KickStart window is not displa yed automatically , navigate to the CD dri ve and double-click the Kickstart executa ble file to activate the KickSta rt utility on the CD. The KickSt art We l c o m e screen is displayed.[...]

  • Página 28

    23 www .gate wa y .com 2 Click Next to search for access points. W a it for t he sea r ch to complete, or unti l KickStart has found your new access points. 3 R e v i e w t h e l i s t o f a c c e s s p o i n t s f o u n d . KickStart will detect the IP addresses of Gateway 7001 S eries self-managed APs. Access points are listed with their location[...]

  • Página 29

    24 ww w . g at eway . c om Logg ing on to the administra tion W eb pages When you follo w the link from KickStart to the Gateway 7001 S e ries sel f-managed AP administration W eb pages, you are pr ompted f or a user n ame and pa ssword. The defaults for user na me and password are as follows. Important Kic kStar t provide s a link to the Adminis t[...]

  • Página 30

    25 www .gate wa y .com T ype the user name and password and click OK .[...]

  • Página 31

    26 ww w . g at eway . c om Viewi ng basic settin gs for Gatew ay 7001 S eries se lf-managed acces s points When you log i n, the Basic Settings page for Gateway 7001 Series self-manage d AP administration is displayed . These are globa l settings for a ll access points tha t are members of the cluster and, i f automatic configuratio n is specified,[...]

  • Página 32

    27 www .gate wa y .com C onfiguring basic settings and star ting the wireless networ k Provide a minimal set of c onfiguration information by defining the basic settings for your wireless network. These settings are all available on the Basic Settings page of the Administratio n W eb in terface, and are ca tegorized into steps 1-4 on the W eb page.[...]

  • Página 33

    28 ww w . g at eway . c om What ’ s n ex t? Make sure the access point is connected to th e LAN and access some wireless clients. After you have tested the basics of y o ur wireless network, you can enable more security and fine-tune by mod ifying advanced configuration fea tures. Mak e sure the acc ess point is co nnected to the LAN If you confi[...]

  • Página 34

    Chapter 3 29 C onfiguring Ba sic Net work Settings ■ Navigating to bas ic settings ■ Reviewing and describing the access point ■ Setting configuration policy for new access points ■ Understanding ba sic settings for a standalon e access point ■ Understandi ng indicator ico ns[...]

  • Página 35

    30 ww w . g at eway . c om Na viga ting to basic settings T o configure basic Network settings, clic k Network , t hen c lick B asic Settings . If you use Kickst art to link to the Administratio n W e b pages, the Bas ic Settings page is displayed by default . Fill in the boxes on t he Basic Settings pa ge a s described in th e following section.[...]

  • Página 36

    31 www .gate wa y .com Reviewing and descri bing the access point Field A ctio n IP Addre ss This box i s not editab le becaus e the IP address is already assigned (eithe r through DHCP , or static ally through th e Ether net (Wired ) settings as d escribed in “Configuri ng Guest interf ace Ethernet sett ings” on page 73 ). MA C Address A MA C [...]

  • Página 37

    32 ww w . g at eway . c om P ro viding administra tor passw ord and wir eless ne tw ork name Caution The Ga tewa y 7001 Se ries self-manage d AP is not desig ned fo r multip le, si multaneou s configur ation chan ges. If y ou ha ve a network that includ es multipl e access poi nts, and mo re than one admi nistrato r is logged on to the Administra t[...]

  • Página 38

    33 www .gate wa y .com Wire less Network Name (SSID) T ype a na me for the wireless network as a char acter string. Thi s name will appl y to all access points on this netw or k. As y ou add more access poi nts, the y will share this SSID . The Service Se t Identifier ( SSID ) is an alphan umeric str ing o f up t o 32 charac ters Note: If yo u are [...]

  • Página 39

    34 ww w . g at eway . c om Setting c onfigur ation polic y for ne w access points[...]

  • Página 40

    35 www .gate wa y .com Field A ctio n New Access Po i n t s Choos e the policy y ou wa nt to put in eff ect f or adding New Ac cess P oints to the n etwork. • If y ou choose are configu red automatica lly , then when a new acces s points is added to the net work it automat ically j oins the e xisting clus ter . The clust er configu ration is copi[...]

  • Página 41

    36 ww w . g at eway . c om Upda ting basic settings When you have reviewed the new configura tion, click Update to apply the settings and deploy the access points as a wireless network.[...]

  • Página 42

    37 www .gate wa y .com Understanding basi c sett ings for a standalone acc e ss point The Basic Se ttings tab for a standalone access point in dicates only that the curren t mode is standalone and pro vides a button for adding the access point to a cluster (group). If you click on a ny of the Cluster tabs on the Administ ration pages for an access [...]

  • Página 43

    38 ww w . g at eway . c om Understanding indicator ic ons All the network setting s tabs on the Administration W eb pages include visua l indicator icons showing current ne twork activity Icon Description The clu stering icon in dicates whether the current acce ss point is “Clustered” or “N ot Clustered” (tha t is, standal one). The nu mber[...]

  • Página 44

    Chapter 4 39 Ma naging Access P oints and Clusters ■ Navigating to ac cess points manage ment ■ Understandi ng clustering and acces s points ■ Modifying the location description ■ Adding and r emoving an acce ss point ■ Navigating to an AP by us ing its IP address in a URL[...]

  • Página 45

    40 ww w . g at eway . c om Introduc tion The Gateway 7001 Series self-managed APs show c urrent basic configuration settings for clus tered access points (l ocati on, IP ad dress, MAC addr ess, st atus, and avai labil ity) and provide a way of navigating to the ful l configuration for specific APs if they are cluster members. Standalone acces s poi[...]

  • Página 46

    41 www .gate wa y .com Na viga ting to acce ss points management T o view or edit information on access points in a cluster , click Cluster > Acc ess Po ints on the Administra tion W e b page. The Manage access points in the cluster screen opens.[...]

  • Página 47

    42 ww w . g at eway . c om Understanding clustering A key feature of the Gateway 7001 Series self-manage d AP is the ability t o form a dynamic, configu ration-awa re group (called a c luster) wit h other Ga teway acces s points in a netw ork in the same subnet. Access points ca n participate in a peer-to-peer cluster whic h makes it easier for you[...]

  • Página 48

    43 www .gate wa y .com Having a mix of APs on the network does not adversely affect Gateway 7001 Se ries self-managed AP clustering i n any way , however it is helpful to understa nd the clustering behavior for administration purposes: ■ Gateway 7001 Series self-managed APs of the same model will form a cluster . The dual-band APs will form one c[...]

  • Página 49

    44 ww w . g at eway . c om Settings that a re not shared m ust be configured individua lly on the Admi nistration pages for each access point. T o get to the Administration pages fo r an access point th at is a member of the current cluster , click on its IP Address link on the Clust er > Ac cess P oint s page of the current AP . Clust er mode W[...]

  • Página 50

    45 www .gate wa y .com Y ou can re-enable cluster mode o n a sta ndalone access point. (See “Addin g an access point to a cluster” on page 52 .) Clust er formation A cluster is formed when the first Gateway 7001 S eries self-managed AP is configured . (See “Quick Setup” o n page 15 and “Configuring Basic Network Settings” on page 29 .) [...]

  • Página 51

    46 ww w . g at eway . c om Note that auto-synchronization always occurs during configu ration updates that affect the cluster , but the p rocessing time is usuall y negligible. The a uto-synch progress bar is displayed only for longer-than-usua l wait times. Clu ste r re cover y In cases where the access points in a cluster become out of syn c for [...]

  • Página 52

    47 www .gate wa y .com The Stop Clustering page for t hi s access point opens. 2 Click the Stop Clustering button. 3 Repeat steps 1 and 2 for every access point in the cluster . 4 Reset each access poi nt by going to the Administration W eb pages of the access point you want to reset by entering its URL into the address bar of your W eb browser: ht[...]

  • Página 53

    48 ww w . g at eway . c om 5 On the Administrat ion UI left-hand tabs, click Adv anced > Reset Configur ation to open the Res et page . Th e Reset pa ge opens. 6 Click Reset to restore the factory defaults on the access point . (This will clear all of your previous setting s, including updated passwords.) 7 Repeat steps 4 through 6 for ever y ac[...]

  • Página 54

    49 www .gate wa y .com 8 Refresh the cluster view by clicking C luster > Acces s Point s o n t h e A d m i n i s t r a ti o n W e b pages for any one of the a ccess points. The Access Points clu ster management page ope ns. 9 Click Refresh . At this point you should see all previous cluster members displayed in the list. Before proceeding to the[...]

  • Página 55

    50 ww w . g at eway . c om Understanding access point settings The Acces s Poi nts tab on the Administ ration W eb page provid es information about all access points on the wireless network. From this tab, you can view location descriptions, IP addresses, enable (activate) or disa ble (deactivate) clustered access p o ints, and remove a c cess poin[...]

  • Página 56

    51 www .gate wa y .com W o rking with access poin ts in a cluster Modifying the location description T o make modifications to the location description: 1 Click Basi c Settings on the Administration W eb p age. 2 Update the location description in sec tion 1 under “Review Description of this Access Point.” 3 Click Updat e to app ly th e cha nge[...]

  • Página 57

    52 ww w . g at eway . c om A dding an access point t o a cluster T o add an access point that is currently in standalone mode back into a cluster: 1 Go to the Admin istration W eb pages for the standalone a ccess point. (See “N avig ating t o a n A P b y u s i n g i t s I P a d d r e s s i n a U R L ” o n p a g e 5 3 .) The Administration W eb [...]

  • Página 58

    53 www .gate wa y .com Na viga ting to informa t ion for a specific AP and managing standalone APs In general, Ga teway 7001 Series self-mana ged APs are designed for ce ntral management of clustered access po ints. For access points in a c luster , all access points in the cl uster reflect the same configura tion. In this case, it does not matter [...]

  • Página 59

    54 ww w . g at eway . c om[...]

  • Página 60

    Chapter 5 55 Mana ging User A ccounts ■ Navig ating to user manage ment for clustered ac cess points ■ V iewing and changing user accounts ■ Adding a user ■ Editing a user accountt ■ Enabling and disabling user a cco unts ■ Removing a user[...]

  • Página 61

    56 ww w . g at eway . c om Introduc tion The Gateway 7001 Series self-managed APs in clude user management capabilities for controlling clien t a ccess to access points. User management and a uthentication must always be used in con j unction wi th the following two security m odes, which require us e of a RADIUS server for user authentication and [...]

  • Página 62

    57 www .gate wa y .com Na viga ting to user management f or cluster ed access p oints T o set up or modify user accounts, c lick Cluster > User Mana gement on th e Administration We b p a g e . T h e Manage us er acc ounts sc re en opens.[...]

  • Página 63

    58 ww w . g at eway . c om Viewing and changing user acc ounts Viewing user acc ounts User accounts are show n at the top of the Ma na ge user accounts sc reen under User Accounts. User name, re al name and st atus (enabled o r disabled) are sho wn. Y ou can mak e modifications to a n existing user account by first selecting th e checkbox next to a[...]

  • Página 64

    59 www .gate wa y .com E d iting a user acco unt After you have created a user acc ount, it is displayed under User Account s at the top of the User Management W eb page. T o make modificati o ns to an existing user account, first click the checkbox next to the user name so that a checkmark is displayed in the box. Then, choos e an acti on such as [...]

  • Página 65

    60 ww w . g at eway . c om T o disable a user account: ■ On the User Management W eb p a ge, under User Accounts, clic k the box next to the user name, then click Disable . A user with an acc o unt that is disabled cannot log on to the wireless access point s in your network as a client. H o wever , the user remains in the databas e and can be en[...]

  • Página 66

    Chapter 6 61 Session Monit oring ■ Navigating to sess io n monitoring ■ Understanding sess io n monitoring information ■ V iewing session information for access poi nts ■ Sorting se ssion information ■ Refreshin g session information[...]

  • Página 67

    62 ww w . g at eway . c om Na viga ting to session monito ring T o view session monito ri ng information, click Cluster > Sessio ns on the Administration We b p a g e . T h e Monitor active client sta tion sessions page o pens.[...]

  • Página 68

    63 www .gate wa y .com Understanding session monitoring inf o rma tion The Monitor ac tive client station sessions page shows the stations associated with a c cess points in the cluster . A session in this context is the period of time in which a user on a client device (station) with a unique MAC a ddress maintains a connec ti on with the wireless[...]

  • Página 69

    64 ww w . g at eway . c om Signal Indicates the strength o f the ra dio frequency (RF) signal th e client rec eives from the a ccess point. The meas ure used f or this is an IEEE 8 02.1x v alue know n as Received Signal Stren gth Indicatio n (RSSI), and will be a v alue betw een 0 and 100. RSSI is de ter mined by a an I EEE 802.1x me chanism impl e[...]

  • Página 70

    65 www .gate wa y .com Viewing session inf ormation f or acc ess points Y ou can view session informa tion for all access po ints on the network at th e same time, or set the display to show session informat ion for a spec ified access point chosen from the list at the t o p of the screen. T o view information on all access points, select the Sho w[...]

  • Página 71

    66 ww w . g at eway . c om[...]

  • Página 72

    Chapter 7 67 Adv anc ed Configur ation ■ Configuring an Ethernet (wired) interface ■ Configuring a wireless interface ■ Configuring network security ■ Configuring radio settings[...]

  • Página 73

    68 ww w . g at eway . c om C onfiguring an E thernet (wir ed) inter face Ethernet (W ired) Settings describe the configuration of your Ethernet lo cal ar ea netw ork ( LAN ) Caution The Ethernet Setti ngs, incl uding Gues t Access, are n ot shared ac ross the clus ter . These setti ngs must b e configure d individual ly on the Admi nistration p age[...]

  • Página 74

    69 www .gate wa y .com Na vigating to Ethernet (wired) settings T o set the wired address for an acces s point, Advanc ed > Ethernet (Wired) Settin gs on the Administratio n W eb page, and update the boxes as described in the following section. Setting the DNS name Field D escr iptio n DNS Name T ype a DNS name for the access poin t i n the te x[...]

  • Página 75

    70 ww w . g at eway . c om Enabling or Disabling Guest Acc ess Y ou can p rovide co ntroll ed gues t acces s over an isol ated netw ork an d a secu re inter nal LAN on the same Ga teway 7001 Series se lf-managed AP . C onfigur ing an int ernal LAN and a gue st network A Local Area Network (LAN) is a communications network covering a li mited area, [...]

  • Página 76

    71 www .gate wa y .com Choose either physically sepa ra te or virtually separate interna l a nd guest LANs as described in the following section. C onfiguring Internal inter face E thernet settings T o configure Ethernet (Wired) set tings for the internal LAN, fill in the boxes as described in the following table. Field D escr iptio n F or Internal[...]

  • Página 77

    72 ww w . g at eway . c om Connection T ype Y ou can select “DHCP Client” or “Static IP”. The Dynamic Host Config uration Protocol (DHCP) is a protocol spe cifying how a centrali zed server can provi de network co nfiguration inf or mation t o clients. A DHCP server “off er s” a “lease” to the client system. The inf orm ation suppli[...]

  • Página 78

    73 www .gate wa y .com C onfiguring Guest inter fac e Ethern et settings T o configure Ethernet (Wired) setti ngs for the “Guest” int e rface, fill i n the boxes as described in the following table. Updating settings T o ap ply you r chang es, click Update . Field D escr iptio n MA C Address Show s the MA C address for the guest interf ace f or[...]

  • Página 79

    74 ww w . g at eway . c om C onfiguring a wireless inter face Na vigating to wireless settings T o set the wireless address for an access point, click Adv anced > Wirel ess Settings on the Administratio n W eb page, and update the boxes as described in the following section. C onfiguring the radio int er f ace The radio inte rface lets you set t[...]

  • Página 80

    75 www .gate wa y .com Field D escr iptio n MA C Addr esses (Shown on dual-ban d AP only ) Indicat es the Media Ac cess Control ( MAC) a ddresses f or the inte rface . On the du al band AP only , the MA C address es for Rad io Interf ace One (Internal/Gues t) and Radio Interf ace T wo (Internal/Gues t) are shown . A MA C address is a permanent, uni[...]

  • Página 81

    76 ww w . g at eway . c om C onfiguring internal LAN wireless settings The internal settings describe the MAC Address (re ad-only) and Networ k Name (also known as the SSID) for the internal W ireless LAN (W LAN) as described in the following section. C onfiguring guest network wir e less settings The Guest Settings describe the MAC Add ress (read-[...]

  • Página 82

    77 www .gate wa y .com Updating settings T o ap ply you r chang es, click Update . SSID T ype the SSID for the internal WLAN. The Service Set Identif ier (SSID) is an alphanu mer ic string of up to 32 chara cters that uniq uely identif ies a wirele ss local area net work. It is als o ref erred to as the N etwork Name. Th ere are no restriction s on[...]

  • Página 83

    78 ww w . g at eway . c om Enabling a netw ork time pr otoc ol ser v er The Netwo rk Tim e Prot ocol ( NTP ) is an Internet stan dard protoco l that synchro nizes computer clock times o n your network. NTP servers transmit C oordi nate d Uni ver sal Time (UTC, also known as Greenwich Mean T ime ) to their client systems. NTP sends periodic t ime re[...]

  • Página 84

    79 www .gate wa y .com Enabling or disabling a network time protoc ol (NTP) ser v er T o configure your access point t o use a network time protocol (NTP) server , first enable the use of NTP , then selec t the NTP server you want to use. (T o shut down NTP service on the network, disable NTP on the access point.) Updating settings T o ap ply you r[...]

  • Página 85

    80 ww w . g at eway . c om C onfiguring netw ork security Understanding security issues on wireless networks W ireless mediums are inherently less secure than wired mediums. For example, an Ethernet NIC transmits its p ackets over a physical medium such as coaxial cable or twisted pair . A wireless NIC bro adcasts radio sign als over the ai r allow[...]

  • Página 86

    81 www .gate wa y .com C omparison of secur ity modes for k ey manageme nt, authen tication, and encryption algorithms The three major factors that determine th e effectiveness of a security p r otocol are: ■ How the protoc ol manages keys ■ Presence or absence of integrated user auth entication in the protocol ■ Encryp tion algorithm or form[...]

  • Página 87

    82 ww w . g at eway . c om Recommendations Static WEP was designed to provide security equivalent of sending unencrypted data through an Etherne t connection, however it has ma jor flaws and it does not p rovide even this intended level of security . Therefore, Static WEP is no t recommended as a secure mode. The o nly time to use Sta tic WEP is wh[...]

  • Página 88

    83 www .gate wa y .com Recommendations IEEE 802.1x mo d e is a b e tter choic e than Static WEP because keys are d y namically generated and changed periodically . Howe ver , the encryption algorithm used is the same as that of Static WEP and is therefore not as reliable as the more ad vanced enc ryption methods such as TKIP and CCMP ( AES) used in[...]

  • Página 89

    84 ww w . g at eway . c om Recommendations WP A with RADIUS mode is the recommended mode . The CCMP (AES) and TKIP encryption algorithms used with WP A modes are far superior to the R C4 algorithm used for Stati c WEP or IEEE 802.1x modes . Therefore, CCMP (AES) or TKIP should be used whenever possible. All WP A modes allow you to use these encrypt[...]

  • Página 90

    85 www .gate wa y .com For information o n how to configure WP A with RA DIUS security mode, see “WP A with RADIUS” o n page 95 . When to use WP A-PSK W i-Fi Protected Access (WP A) with Pre-Shared K ey (PSK) is a W i-Fi Alliance su bset of IEEE 802.11i, which inclu des T emp oral Key Integrity Protoco l (TKIP) and 802.1x me chanisms. This mode[...]

  • Página 91

    86 ww w . g at eway . c om For example, some devices on your network may not support WP A with EAP talking to a RADIUS server . Embedded printer servers o r ot her small client devices with ver y limited space for implementation may no t support RA DIUS. For such cases, we recommend that you use WP A-PSK. For information on how to configure WP A-PS[...]

  • Página 92

    87 www .gate wa y .com Na vigating to security settings T o set the sec urity mode, click Advan ced > Security o n the Administrati o n W eb page. The Modify security se ttings that apply to the inte r nal net work screen o pens. Update the boxes as described in the following section. C onfiguring security settings The following configuration in[...]

  • Página 93

    88 ww w . g at eway . c om Broad cast SSID and Security Mode T o configure security on the access point , selec t a security mode a nd fill in t he re lated boxes as described in the following table. (Not e you can a lso allow or prohibit the Broa dcast SSID as an extra precaution a s mentioned in the following section.) Plain-text Plain T ext mean[...]

  • Página 94

    89 www .gate wa y .com For a minimum level of p rotection on a guest network, you can c hoose to suppress (prohibit) the broadc a st of the SSID ( netwo rk name) to discourage client st ations from automaticall y discovering your access p oint. (See also “Does Prohibiting the Broadcast SSID Enhance Security ?” on page 86 .) (For more about the [...]

  • Página 95

    90 ww w . g at eway . c om Field D escr iptio n T ransfer K ey Inde x Sele ct a key index from the l ist. Key index e s 1 thro ugh 4 a re available. T he defaul t is 1. The T ransf er Ke y Inde x indica tes which WEP k ey the access poi nt will use to encrypt the dat a it trans mits. K ey Length Spec ify the length of the ke y by clicki ng one of t[...]

  • Página 96

    91 www .gate wa y .com Rules to Reme mber for Static WEP ■ All client stations m ust have the Wireless LA N (WLAN) security set to WEP and all clients must hav e one of the WEP keys spec ified o n the AP in order to de-crypt AP-to-station data transmi ssions. ■ The AP must have all keys used by clients for station-to-AP tra nsmit so that it can[...]

  • Página 97

    92 ww w . g at eway . c om Example of Using St atic WEP For a simple example, supp ose you configure three WEP keys on the ac cess point. In our example, the T ransfer Key Index for the AP is set to 3 . This mea ns that the WEP key in slot 3 is the k e y the access poi nt will use to encryp t the data it se nds. Y ou must then set all client statio[...]

  • Página 98

    93 www .gate wa y .com If you have a second client s tation , that st ation al so need s to hav e one of the WEP k eys defined on th e AP . Y o u could g ive it the same WEP key you ga ve to the first station. Or for a more secure solutio n, you could give th e second station a different WEP key (key 2, for example) so that the two stations cannot [...]

  • Página 99

    94 ww w . g at eway . c om When configurin g IEEE 802.1x mode, you have a ch o ice of whethe r to use the embedded RADIUS server or an external RADIUS server that yo u provide . The Gateway 7001 Series self-managed AP embedde d RADIUS server su pports Protected EAP (PEAP) and MSCHAP V2. If you use your own RADIUS server , you have t he o ption of u[...]

  • Página 100

    95 www .gate wa y .com WP A with RADIU S W i-Fi Protec ted Access (WP A) wit h Remote Authe ntication Dial-In Use r Service ( R A D I U S ) i s a W i-Fi Alliance subset of IEEE 802.11i, whic h includes T emporal Key Int egrity Protocol (TKIP), Co unter mode/ CBC-MAC Protoc ol (CCM P) Advanced Enc ryptio n Standard (AES ), and 802.1x me chanisms. Th[...]

  • Página 101

    96 ww w . g at eway . c om Field D escr iptio n Ciphe r Suites Select th e cipher y ou want to use from the l ist: • TKIP • CCMP (AES) • Both T emporal Key I ntegrity Prot ocol (TKIP) is the def ault. TKIP provide s a more secure encryption so lution than WEP k eys. The TKIP process more frequent ly changes th e encryption ke y used a nd bett[...]

  • Página 102

    97 www .gate wa y .com WP A-PSK W i-Fi Protected Access (WP A) with Pre-Shared K ey (PSK) is a W i-Fi Alliance su bset of IEEE 802.11i, which inc ludes T emporal Key Integrit y Protocol (TKIP), Advanced Enc r yption Algorithm (AES) , Counter mode/CBC-MAC Pr otocol (CCMP) 802 .1x mechan isms. PSK employs a pre-shared key . This is used for an initia[...]

  • Página 103

    98 ww w . g at eway . c om Updating settings T o ap ply you r chang es, click Update . Field D escr iptio n Ciphe r Suites Select th e cipher y ou want to use from the l ist: • TKIP • CCMP (AES) • Both T emporal Key I ntegrity Prot ocol (TKIP) is the def ault. TKIP provide s a more secure encryption so lution than WEP k eys. The TKIP process [...]

  • Página 104

    99 www .gate wa y .com Sett ing up Gu est A ccess Out- of- th e-b ox gu est in ter face fe atur es a llo w yo u to conf ig ure the G ate wa y 700 1 S erie s self-managed AP for controlled guest a ccess to an isolated network. Y ou can configure the same access point to broadc ast and function as two differen t wireless networks: a secure Internal L[...]

  • Página 105

    100 ww w . g at eway . c om C onfiguring the guest inter face T o configure the Guest interface: 1 Do one of th e foll owin g: Configure the access point to represent two ph ysically separate networks as described in the following section, see “Configurin g a physically separate guest network” on page 10 0 . OR - Configure the access point to r[...]

  • Página 106

    101 www .gate wa y .com (Start b y cho osing For Interna l and Guest access, us e two: Ethernet P orts as described in “Specifying a p hysical or virtual Guest network” on page 70 .) 3 Provide the radio interfac e settings and network names (S SIDs) for both internal and guest networks as described in “Configuring a wireless interface” on p[...]

  • Página 107

    102 ww w . g at eway . c om T o set up the captive portal: 1 Click Advanc ed > Guest Login on the Administrati on We b p a g e . T h e Modif y guest welcome screen sett ings screen opens. 2 Cho ose Enabled to a ctivate the welcom e screen. 3 In the Welcom e Scre en Te xt box, type the text message you would like g ue st clients to see on the cap[...]

  • Página 108

    103 www .gate wa y .com 3 The guest client chooses Guest SSID . The guest client s tarts a W e b browser an d receiv es a Guest W elcome Screen. The Gu est W elcome Screen provides a button for the cli e nt to click to con tinue. The guest cl ient can now use the “gue st” network. Deplo yment example In the figure, the dotted red lines indic at[...]

  • Página 109

    104 ww w . g at eway . c om C onfiguring r adio settings Understanding ra dio settings Radio settings direc tly control the behavior of the radio de vice in the access point and its interaction with the physical medium, specifically how and w hat type of electromagnetic waves the AP emits. Y ou can specify whether the radio is on or off, radio freq[...]

  • Página 110

    105 www .gate wa y .com Na vigating to r adio settings T o specify radio settings, click Ad vanced > Radio on th e Administratio n W e b page. The Modify radio set tings screen o pens. Update the boxes as descr ibed in the following section.[...]

  • Página 111

    106 ww w . g at eway . c om C onfiguring radio settings Field D escr iptio n Radio The Gatew ay 700 1 Series self-manage d AP is av ailab le in a dual band and single band ve rsion. Single-Band AP : If y ou ha ve the single ba nd ve rsion of th e Gatew ay 7001 AP , this b ox i s not includ ed on the Radi o tab . Dual-Band AP : The dual band access [...]

  • Página 112

    107 www .gate wa y .com Beacon In ter v al Beacon fra mes are transm itted by a n access point at regular interva ls to announc e the e xistence of t he wireless net work. The def ault beh avior is to send a be acon frame once e very 100 mill iseconds (or 10 p er second). The Beaco n Interval v alue is se t in milli seconds . T ype a value from 20 [...]

  • Página 113

    108 ww w . g at eway . c om RTS Thres hol d Speci fy an RTS Thres hol d value be tween 0 an d 2347 . The R TS thresho ld specifies th e pack et size of a req uest to send (R TS) trans missio n. This hel ps control tr affic flo w through the ac cess point, e specially o ne with a lot of c lient s. If yo u specify a lo w threshold v alue , RTS pac ke[...]

  • Página 114

    109 www .gate wa y .com Updating settings T o ap ply you r chang es, click Update . Important If y ou are using th e dual band v ersion of th e Gatew ay 70 01 Series self-m anaged AP , k eep in m ind that b oth Radio O ne and Radio T wo are configure d on this tab . The displa y ed settin gs apply to ei ther Radio O ne or Radio T wo , depe ndi ng o[...]

  • Página 115

    110 ww w . g at eway . c om C ontr olling acc ess by MA C address filtering A Media Access Control (MAC) address is a hardware address that uniquely identifies each node of a network. All IEEE 802 network devices share a common 48-bit MAC address format, usually displayed a s a string of 12 hexadecimal digits separ ated by colons, for example FE:DC[...]

  • Página 116

    111 www .gate wa y .com U sing MA C address filtering This page le ts you control access to G ateway 7001 Series self-m anaged AP based on Media Access Control (MAC) addresses. Based on how you set the filter , you can allow only client stations with a listed MAC address or prevent access to the statio ns listed. For the guest interface, MAC fi lte[...]

  • Página 117

    112 ww w . g at eway . c om C onfiguring a W ireless Distr ibution Sys te m ( W DS ) The Gateway 7001 Series self-managed AP lets you connect multiple access poin ts using a W ireless Distribution Syst e m (WDS). WDS l ets access points commun icate with one another wirelessly in a standardized way . This capability is c ritical in providing a seam[...]

  • Página 118

    113 www .gate wa y .com Conferenc e Room (LAN 1), and another Ethern et-wired access point ser ving stations in the W est Wing off ices (L AN 2). Y o u can bridge the C onference Room and W est Wing acce ss points with a WDS l ink to create a single network for clients in both areas. Usi ng WDS to extend th e network be yond th e wired co ver age a[...]

  • Página 119

    114 ww w . g at eway . c om by p lacing a s econd ac cess po int clos er to se cond grou p of stati ons (“ Poolside ” in our example) and bridge the two APs with a WDS link. This extends your network w irelessly by providing a n extra hop to get to dista nt stations. Backu p links and unwant ed loo ps in WDS bridg es Another use for WDS bridgin[...]

  • Página 120

    115 www .gate wa y .com Sec uri ty con side rations related to WD S brid ges Stati c W ired E q uivale nt Privacy (WEP) is a data encryption protocol for 802.1 1 wirele ss networks. Both a ccess points in a give n WDS link must be co nfigured with the same security settings. For static WEP , either a static 64-bit (40-bit secret key + 24-bit init i[...]

  • Página 121

    116 ww w . g at eway . c om Important The f ollo wing figure shows the WDS settings page f or the dual band AP ( Gatew ay 70 01 802.11 A+G Wi reless Access P oint). The Administr ation We b page for the single band AP (Ga tewa y 7001 8 02.11 G Wirel ess Access P oint) will loo k slightly diff erent.[...]

  • Página 122

    117 www .gate wa y .com C onfiguring WDS settings The following notes summarize so me critical guidelines regard ing WDS configura tion. Read all the notes befo re proceeding with WDS c onfiguration. T o configure WDS on this access point , descri be each AP intended to receive hand-offs and send information to this AP . Each destination AP needs t[...]

  • Página 123

    118 ww w . g at eway . c om Field D escr iptio n Radio The Gatew a y 7001 AP is a v ailable in a dual ban d and single ba nd vers ion. Single-Band AP : On the single b and v ersion of the Gatew a y® 7001 AP , this box is not i ncluded on th e WDS tab. Dual-Band AP : F or each WDS link on a du al-band AP , select R adio One or R adio T wo . The res[...]

  • Página 124

    119 www .gate wa y .com Example of c onfiguring a WDS link When using WDS, be sure to confi gure WDS settings on both access points on the WDS link. T o create a WDS link between a pair of access points: 1 Open the Administration W eb pages for MyAP1 (for example), by typ ing the IP address for MyAP1 as a URL in the W eb browse r address bar in the[...]

  • Página 125

    120 ww w . g at eway . c om 3 Configure a WDS in terface for data exch ange with MyAP2 (for exam ple). Start by typi ng the MAC address for MyAP2 as the “Remote Address” and fill in the rest of the boxes to specify the network (gue st or internal), security , and so on. Save the settings (click Update ). 4 Click Adv anced—>Radio on the Adm[...]

  • Página 126

    121 www .gate wa y .com C onfiguring security se ttings on wireless clients T ypically , users will configure security on thei r wireless clients for a ccess to many different networks (access po ints). The list of “Availa ble Netwo rks” will c hange depending on the location of the cl ient and which APs are online and detectable in that loc at[...]

  • Página 127

    122 ww w . g at eway . c om ■ “Configuring a cl ient to access an unsecure n e t w o r k ( p l a i n t e x t m o d e ) ” o n p a g e 1 2 5 ■ “Configuring sta tic WEP security on a client” on page 126 ■ “Configuring IEEE 802.1x securi ty on a client” on page 129 ■ “Configuring WP A with RADIUS security o n a c lient” on page [...]

  • Página 128

    123 www .gate wa y .com ■ “IEEE 802.1x client u sing EAP-TLS certificate” on p age 133 ■ “WP A with RADI US client using EAP-TLS c e rtificate” on page 141 ■ “Configuring a n external RADIUS server to recognize the Gateway 7001 AP” on page 14 6 ■ “Obtaining a TLS-EA P certificate for a client” on page 151 Details on how t o [...]

  • Página 129

    124 ww w . g at eway . c om d Select the SSID of the network to which you want to connec t, then c lick Advanced. The Wir eless Network Connection Pr operties dialog box, which lists available networks and preferred n etworks, opens. 2 From the list of A v ailable n e tworks select the SSID of the network to whi ch you want to connect, th en click [...]

  • Página 130

    125 www .gate wa y .com Use this dialog box for configuring all the different types of client security de sc ribed in the following sections. Make sure that the W ireless Net work Prope rt ies dialo g box you are working in pertains to the Network Name (SSID) for th e network yo u want to reach on the wireless client y o u are configuring . C onfig[...]

  • Página 131

    126 ww w . g at eway . c om C o nfiguring stat ic WEP securit y on a clie nt Stati c W ired Equivalent Privacy (WEP) encrypts data moving across a wireless network based on a static (non-changing) key . The encryption algorithm is a “stream” cipher called RC4. The access point uses a key to transmit data to the client statio ns. Each client mus[...]

  • Página 132

    127 www .gate wa y .com T o configure WEP secur ity on each client: 1 On the Net work Prop ert ies dialog box, selec t the Association tab. The Associat ion dialog box opens. 2 Sele ct Open or Shar ed in the Network Authentication list , then select WEP in the Data encry ption list. 3 T ype a Ne twor k key in t he bo x pro vide d. Make sure the net[...]

  • Página 133

    128 ww w . g at eway . c om C onnecting t o the wi reless network with a st atic WEP client Stat ic WEP cli ents shou ld now be abl e to associ ate and aut hentic ate with the access po int. As a client, y ou will not be prompted for a W EP key . The WEP key configured on the client security settings is automa tically used when you connect. Associa[...]

  • Página 134

    129 www .gate wa y .com C o nfiguring IEEE 80 2.1x securit y on a cl ient IEEE 802.1x is the standard d efining port-based authentication and infrastructure for doing key management. Extensible Authentica tion Protoco l (EAP) messages are sent over an IEEE 802.11 wireless n etwork using a protocol calle d EAP Encap sulation Over LANs (EAPOL). IEEE [...]

  • Página 135

    130 ww w . g at eway . c om T o configure the clients with IEEE 802.1x security with PEAP authentication: 1 On the Net work Prop ert ies dialog box, selec t the Association tab. The Ass ociation dialo g box opens. 2 Sele ct Op en in the Network Authentication list, select WEP i n the Data Encryption list, then cli c k to select the Th e key is pr o[...]

  • Página 136

    131 www .gate wa y .com 4 Click to select the Enable IEEE 802.1x authenticat ion for this network check box, sel ect Pr otected EAP (PEAP) from the EAP type list, t he n click Properties . The Protected EAP Proper ties dialog box op ens. 5 Click to clear the V alidate server certificate che ck box, sele ct Secured pass wor d (EAP-MSCHAP v2) from th[...]

  • Página 137

    132 ww w . g at eway . c om Logging on to the Wireles s Network with an IEEE 802.1x PEAP Client IEEE 802.1x PEAP c lients should now be able to associ ate with the access point. Client users will be prompted for a user na me a nd password to authentic ate with the network. Associat ion T a b Network A uthentic ation Open Data E ncr yption WEP Note:[...]

  • Página 138

    133 www .gate wa y .com IEEE 802 .1x client using EAP-T LS cer tificate Extensible Authenticati on Protocol (EAP) T ransport Lay e r Security (TLS ), or EAP-TLS, is an authentication proto c ol that supports the use of smart cards and certificates. Y ou have the option of using EAP-T LS with both WP A with RAD IUS and IEEE 802.1x modes if y o u hav[...]

  • Página 139

    134 ww w . g at eway . c om If you configured the Gateway 7001 AP to use IEEE 802.1x security mode with an external RADIUS server , you need to configure IEEE 802.1x security with certificate authentic ation on ea ch client. T o configure each client for IEEE 802.1x security with certificate authentication: 1 On the Net work Prop ert ies dialog box[...]

  • Página 140

    135 www .gate wa y .com 3 Click the Authenticatio n tab. The Authenti cation dialog box op ens. 4 Click to selec t the Enable IEEE 802.1 x authentication f or this netw ork check bo x, sele ct Smart Card or other Cer tificate from the EAP type list, then click Properties . The Smart Card or other Certificate Properties dialog box opens.[...]

  • Página 141

    136 ww w . g at eway . c om 5 Enable the V ali dat e ser ver cer ti fica te option, th e n select th e name o f the certificate you downloaded for t his client in step 4 of the previous procedure. For more information, see “Obtaining a TLS-EAP certificate for a client” on page 151 . 6 Click OK on each dialog box to close and sa ve the settings.[...]

  • Página 142

    137 www .gate wa y .com C o nfiguring W P A with RADIUS se curity on a client W i-Fi Protec ted Access (WP A) with Remote Authentication Dial-In User Service (R ADIUS) is a W i-Fi Alliance subset of IEEE 802.11i, which includes T emporal Key Integrity Protocol (TKIP), and Cou nter mode/ CBC-MAC Protocol me chanisms. This mod e requires the use of a[...]

  • Página 143

    138 ww w . g at eway . c om T o set up user accounts on the access point: 1 Access the Administ ra tion W eb page for the access p o int ( “Navigating to basic settings” on p age 30 ), then click Cluster > User Manageme nt . The Man age user accounts screen opens. 2 Set up us e r accounts as necessary . T o configure WP A security with PEAP [...]

  • Página 144

    139 www .gate wa y .com 2 Sele ct WP A in the Network Authentication list, and TKIP or AES in th e Data Encryption list, then click t he Authentica tion tab. The Authenticatio n dialog bo x opens. 3 Sele ct Protected EAP (PEAP) from the EAP type list, then click Pr operties . The Protected EAP Proper ties dialog box opens .[...]

  • Página 145

    140 ww w . g at eway . c om 4 Disable the V alidate s erver certificate op tion, sel ect Secured pass wor d (EAP-M SCHAP v2) from the Select Authentic ation Method list, then click Configu r e . The EAP MSCHAP v2 Propert ies dialo g box opens. 5 Click (to uncheck) the A utomaticall y use m y Windows login name and pas swo rd (and domain, if a ny) b[...]

  • Página 146

    141 www .gate wa y .com WP A wit h RADIUS c lient us ing EAP-TL S cert ificate Extensible Authenticati on Protocol (EAP) T ransport Lay e r Security (TLS ), or EAP-TLS, is an authentication protocol that supports the use o f sma rt cards and certifica tes. Y ou have the option of using EAP-T LS with both WP A with RAD IUS and IEEE 802.1x modes if y[...]

  • Página 147

    142 ww w . g at eway . c om If you configured the G ateway 7001 AP to use WP A with RADIUS security mode with an external RADIUS server , you must configure WP A security with certificate authentication on ea ch client. T o configure WP A security with certificate authentication on each client: 1 On the Net work Prop ert ies dialog box, selec t the[...]

  • Página 148

    143 www .gate wa y .com 3 Sele ct S mar t Card or ot he r Ce rt ifi cat e from the EAP T ype list, click to select the A uthenticate as computer when com puter inf ormation is av ailable check box , then click Properties. The Sm art Card or other Certificate Properties dialog box op ens. 4 Sele ct th e V alidate serv er certificate option, then sel[...]

  • Página 149

    144 ww w . g at eway . c om Logging on to the wireless network with a WP A client usin g a certific ate WP A clients should no w be able to connect to the access poi nt using their TLS certificates. The certificate you installed is used when you connect, so you will not be prompted for login information. Th e certificate is auto ma tically sent to [...]

  • Página 150

    145 www .gate wa y .com C onnecting t o the wi reless network with a WP A-PSK clie nt WP A-PSK cli ents should now be able to associate and authenticate with the access point. As a client, you will not be prompted for a key . The TKIP or AES key you configured on the client security s ettings is automatically used when y ou connect. Associat ion T [...]

  • Página 151

    146 ww w . g at eway . c om Configu ring a n ex tern al R ADIUS ser ver to re cogn ize th e G ateway 7001 AP An external Remo te Authentication Dial-in Us er Server (RADI US) server running o n the network can supp o rt of E AP-TLS smart card/certificate distributio n to clients in a Public Key Infrastructure (PKI) a s well as EAP-PEAP user account[...]

  • Página 152

    147 www .gate wa y .com Keep in mind that the information you need to provide to the RADIUS server about the access point corresponds to settings on the a ccess point ( Advanced > Sec urity ) and v ice vers a. Y ou should have already provided the RADIUS server IP Address to the AP . In the steps that follow you will provide the a ccess point IP[...]

  • Página 153

    148 ww w . g at eway . c om T o identify your Gateway 7001 AP as a client to the RADIUS ser ver: 1 Log on to the system hosting your RAD IUS server and open the Internet Authentication Service. 2 In the left panel, right- click the RA DIUS Clients no de and choose New > Radius Client from the menu. 3 On the initial sc reen of the New RADIUS Clie[...]

  • Página 154

    149 www .gate wa y .com ■ A logical (friendly) name for the acce ss point. (Y ou might want to use the DNS name or location.) ■ IP address for the access point. 4 Click Nex t . 5 For the “S hared secret” enter the RAD IUS Key you provid ed to t he access point ( on the Advanced > Security pa ge). Re-type the key to confirm.[...]

  • Página 155

    150 ww w . g at eway . c om 6 Click Finish . The access point is now displayed as a client of the Authentication S er ver .[...]

  • Página 156

    151 www .gate wa y .com Obtain ing a TLS-EAP cer tif icate for a client W ireless clients configured to use either “W P A with RADI US” or “IEEE 802.1x” security modes with an external R ADIUS serv er that supports TL S-EAP certificates must obtain a TLS certific a te from the RADIUS server . This is an initial one-time step t hat must be c[...]

  • Página 157

    152 ww w . g at eway . c om Click Ye s to proceed to the secure W eb page for the serve r . The We l c o m e screen for the Cer tificat e Serve r is displa yed in th e browser . 2 Click Request a certifica te to get t he l ogi n pro mp t for the R ADI US ser ve r . 3 Provide a valid user name and password to access the RADIUS server, t hen click OK[...]

  • Página 158

    153 www .gate wa y .com The Requ est a Cer tif icat e dialog box opens. 4 Click User C er tificate . A Security W ar ning opens. 5 Click Ye s on the dialog box display e d to install the ce rtificate. The User Ce rtifica te - Ident ifyi ng In for mat ion dialog box opens.[...]

  • Página 159

    154 ww w . g at eway . c om 6 Click Submit to com ple te . A Potential Security Violat ion dialog box opens. 7 Cli ck Ye s to confirm the submittal. The Certificate Issued dialog box opens. 8 Click In stall this ce r tificate to install the newly issued certificate on your client sta tion, Then click Ye s on the p opup w indows that appe ar to c on[...]

  • Página 160

    155 www .gate wa y .com S etting the administra tor password The administrator p assword controls access to the Administra tion W e b pages fo r the Gateway 7001 Series self-managed AP . This setting is also available on the Basic Settings administration p age. When you set the administrator passwo rd in either place and apply the change, the new p[...]

  • Página 161

    156 ww w . g at eway . c om Updating settings T o ap ply you r chang es, click Update . Field D escr iptio n Existin g Pa s sw o r d T ype a new ad ministrato r pass word. The te xt yo u type will be displ ay ed as “*” char acters to pre ve nt others from seei ng your p assw ord as y ou type. Ne w P ass word Re-typ e the new administr ator pass[...]

  • Página 162

    Chapter 8 157 Maint enanc e and Monit oring ■ Interfa ces ■ Event log ■ T ransmit/receive statistics ■ Associ ated wireless cli ents ■ Rebooting the access point ■ Resetting the configuration ■ Upgra ding the firmware[...]

  • Página 163

    158 ww w . g at eway . c om Introduc tion The maintena nc e and monit oring tasks describe d he re all pert ain to view ing and mo difyin g settings on specific access points, and not on a cluster configuration tha t is automatical ly shared by mul tiple access points. Th erefore, it is important to ensure that you are acce ssing the Administratio [...]

  • Página 164

    159 www .gate wa y .com Int er faces T o monitor wired LAN and wireless LAN (WLAN) settings, select the access point you want to monitor on the Adminis tration W eb page, then click Status > Interfaces . The Vi e w se t t i n gs for networ k interfaces screen opens. This page disp lays the current settings of t he Gateway 7001 Series se lf-manag[...]

  • Página 165

    160 ww w . g at eway . c om Ethernet ( Wir ed) settings The internal interface includes th e MAC Address, IP Address, Subnet Mask, and Assoc ia ted Network Wireless Name (SSID). The guest interface includes the MAC Address, VLAN ID, and Associated Network Wireless Name (SSI D). If you want to change any of th ese settings, click Configure . W irele[...]

  • Página 166

    161 www .gate wa y .com Even t l o g T o view transmit/receive statistics for a partic ular access point, select the access point you want to monit o r on the Administratio n W e b page, then c lick Status > Events . Th e V iew eve nts generated b y this access poin t screen opens. This page lis ts the most recent events generated by thi s acces[...]

  • Página 167

    162 ww w . g at eway . c om T ransmi t/rec eiv e sta tistics T o view transmit/receive statistics for a partic ular access point, select the access point you want to monit o r on the Administratio n W e b page, then c lick Status > T ransmit/Re ceive Statistics . T he Vi ew transmit and re ceive statistics for thi s access point screen opens. Th[...]

  • Página 168

    163 www .gate wa y .com Field Descrip tion IP Address IP Addres s for the access poi nt. MA C Address Gate wa y 7001 AP Admi nistrators Gui de MA C Address Medi a Access Control (M AC) addre ss fo r the specified in terface . A MA C address is a permanent, unique hardware address f or any de vice tha t represents a n interf ace to the ne twork. The[...]

  • Página 169

    164 ww w . g at eway . c om Associa ted wireless client s T o view the client st ations associated with a partic ular access point, selec t the access point you want to monitor on the Administration W eb page, then click Status > Clien t Associations . The V iew list of currently asso ciated client stations sc ree n opens. The associ ated stat i[...]

  • Página 170

    165 www .gate wa y .com Rebooting the acc ess poin t For maintenan ce purposes or as a troubleshoo ting measure, yo u can reboot the Gateway 7001 AP as follo ws. T o reboot the access point: 1 From the Adm inis tra tio n W eb page, click Ad vanced > Reb oot . The Reboot pa ge opens. 2 Click Reboot . Th e AP reboots.[...]

  • Página 171

    166 ww w . g at eway . c om Resetting the configura tion If you are exp eriencing extreme pr oblems with the Gateway 7001 Series self-manage d AP and have tried all other t roubleshooting measures, use the Reset Configuration func tion. This will restore factory defaults and clear all settings , including settings such as a new password or wireless[...]

  • Página 172

    167 www .gate wa y .com 2 Click Rese t . Fact ory defaul ts are restor ed. Important K eep in min d that if y ou do reset the c onfigur ation from this page , you are doing so f or this a ccess point on ly , and not f or other acces s points in the c luster . F or inf or mation o n the f actory def ault settings , see “De fault settin gs and supp[...]

  • Página 173

    168 ww w . g at eway . c om Upgr ading the firmwar e As new versions of the Gateway 7001 Series self-man aged AP firmware become available, you can upgrade the firmwa re on your access po ints to take advantages of new features and enha ncements. T o upgrade the firmware on a particular access point: 1 Select the access p oint to upgrade from the A[...]

  • Página 174

    169 www .gate wa y .com When clicking Update for the firmware upgrade, a popup confirmation window is displayed that de scribes the upgrade proc ess. Click OK to confirm the upgrade, a nd start the process 4 Repeat steps 1 to 3 for each access point you want to upgrade. Important T o v erify that the firmwa re upgrade completed su ccessf ully , che[...]

  • Página 175

    170 ww w . g at eway . c om[...]

  • Página 176

    Chapter 9 171 T roubleshoot ing and G etting Help ■ Known proble ms ■ T echnical s upport[...]

  • Página 177

    172 ww w . g at eway . c om Kno wn problems The follo w ing table summarizes p roblems that ha ve been identifi ed in the Gatewa y 7001 AP software. Bug Numbers Description Workaround 2690, 27 03 IP address f or access p oint ma y change when Gu est Access is ena bled or when the DNS na me is change d. Use Kickstart or ch ec k DHCP logs to determin[...]

  • Página 178

    173 www .gate wa y .com T echnical Suppor t Gateway offers a wide range of customer service, technical support, and information services. T elephone numbers Y ou can access the following services through your telephone to get a nswer s to your questi ons: Resource Service description How to reach Gatewa y T echni cal Suppor t T alk to a Gatew a y T[...]

  • Página 179

    174 ww w . g at eway . c om[...]

  • Página 180

    App end ix A 175 Glossar y[...]

  • Página 181

    176 ww w . g at eway . c om 802 IEEE 802 ( IEEE Std. 802-2001 ) is a family of standards fo r peer-to-pe er communic ation over a LAN . These technologies use a shared-medium, wi th information broadcast for a ll stations to re ceive. T he basic communic ations ca pabiliti es pro vided are packet-based . The basic unit of transmission is a sequence[...]

  • Página 182

    177 www .gate wa y .com 802.11b IEEE 802.11b ( IEEE Std. 8 02.11b-1999 ) is an enhancement of the initial 802.11 PHY to include 5.5 Mbps and 11 Mbps data rat e s. It uses direct sequence spread spectrum (DSSS) or frequency hoppi ng spread spectrum (FHSS) in th e 2.4 GHz ISM band as well as complementary code keying (CCK) to provi de the higher da t[...]

  • Página 183

    178 ww w . g at eway . c om 802.1Q IEEE 802.1Q is the IEEE standard for Virtua l Loca l Area N etwor ks ( VLAN s) specific to wireless technologie s. (See http://www .ieee802.org/1/pages/802.1Q.html .) The standard addresses th e problem of how to break large networks i nto smaller parts to prevent broadcast a nd multicast data traffic from co nsum[...]

  • Página 184

    179 www .gate wa y .com ■ The Beacon int er val defines the amount of time be tween transmitting beacon frames. Before entering power save mode, a station needs the beacon interval to know when to wake up to receive the beacon. ■ The Capability Informati on lists requirements of statio ns that want to join the WLAN. For example, it indicates th[...]

  • Página 185

    180 ww w . g at eway . c om CCM P Coun ter mo de/C BC -MAC Protoc ol (CCMP) is an encryption meth od for 802.11i that uses AES . It employs a CCM mo de of operation, combining the Cip her Block Chaining Co unter mode (CBC-CTR) a nd the Cipher Block Cha ining Message Authentication Code (CBC-MAC) for encry ption and messag e integrity . AES-CCMP req[...]

  • Página 186

    181 www .gate wa y .com DCF The Distribu tion Control Fu nction is a component of t he IEEE 802.11e Quality of Service (QoS) techno logy standard. The D CF coordinates c hannel access amon g multiple stations on a wireless network by controlling wait times f or channel access. W ait times are determined by a random backoff timer which is configurab[...]

  • Página 187

    182 ww w . g at eway . c om EAP The Extens ible Authentic ation Protocol ( EAP) is a n authenticati on protocol that supports multiple methods, such as token cards, Kerberos, one-time passwords, certificates, public key authenticatio n, and smart cards. V ariations on EAP include EAP Cisco Wireless (L EAP), Protected EAP (PEAP), EAP-TLS, and EAP T [...]

  • Página 188

    183 www .gate wa y .com Before a h ost on a LAN can access the Internet, it needs to know the address of its default gatew ay . HTML The Hypertext Markup Language ( HTML ) defines the structure of a documen t on the W orld W ide W eb. It uses tags and attributes to hint about a layout for the document. An HTML do cument starts with an <html> [...]

  • Página 189

    184 ww w . g at eway . c om An infrastructure mo d e framework can be prov id ed by a singl e access point ( BSS ) or a number of access po ints ( ESS ). Intrusion D etection The Intrusion Detecti on System (IDS) i nspects all inbound network activity and reports suspicious pa tterns that may indicate a network or system att ack from someone attemp[...]

  • Página 190

    185 www .gate wa y .com IPSe c IP Se curi ty (IPSec) is a set of protocols to support the secure exchange of packets at the IP layer . It uses sha red public keys. There are two encryption m odes: T ra nsport and T u nnel. ■ Tr a n s p o r t m o d e encrypts only the da ta portion (payload) of each packet, but leaves the headers untouched. ■ Th[...]

  • Página 191

    186 ww w . g at eway . c om Lease Time The Lease T ime specifies the period o f time the DHCP Server gives its clients an IP Address and other required information. When the lease expire s, the client must request a new lease. If the lease is set to a short sp an, you can update your network information and prop agate th e info rmatio n provide d t[...]

  • Página 192

    187 www .gate wa y .com NA T Network Addr ess T ran slation is an Internet st andard that masks the internal IP addresses being used in a LAN . A NA T server running on a gateway mai ntains a translation table that maps all internal IP addresses in outbound requests to its own address and converts all inbound requests to the c orr ect internal ho s[...]

  • Página 193

    188 ww w . g at eway . c om ■ Layer 5, the Session layer , defines protocols for initiating, maint a ining, and ending communica tion and tran sactions across t he network. Some common ex amples of protocols that operate o n this layer are network file system (NFS) and struct ured query language (SQL). Also part of this l ayer are communication f[...]

  • Página 194

    189 www .gate wa y .com PPP The Point- to-Point Pr otocol is a standard for t ransmittin g network l ayer datagra ms ( IP packets) over serial point-to-point links. PPP is designed to operate both over asynchronous connections and bit-oriented synchronous systems. PPPoE Point-t o-Point Protoco l over Ethernet (PPPoE) is a specification for connecti[...]

  • Página 195

    190 ww w . g at eway . c om RC4 A symmetric stream cipher provided by RS A Sec urity . It is a variable key-size strea m cipher with byte orient ed operations. It allows keys up to 2048 bits in length. Router A rou te r is a ne twor k d evic e wh ich for war ds pack et s between networks. It is connected to at least two networks, commonly between t[...]

  • Página 196

    191 www .gate wa y .com SSID The Service Set Identifier (SSID) is a thirty-two character alphanumeric key that uni quely i d e n t i f i e s a w i r e l e s s l o c a l a r e a n e t w o r k . I t i s a l s o r e f e r r e d t o a s t h e Network Name . There are no restric tions on t he charact ers that m ay be used in an SSID. Static IP Address S[...]

  • Página 197

    192 ww w . g at eway . c om TCP The T r ansmi ssion Control Protoc ol (TCP) is built on top of Internet Protocol ( IP ). It add s reliable communication (guarantees delivery of data), flow-control, multiplexin g (more than one simultaneous c o nnection), and conn ection-oriented transmission (requires the receiver of a packet to acknowledge r eceip[...]

  • Página 198

    193 www .gate wa y .com UDP neither guarantees delivery nor does it require a connection. It is lightweight and efficient. All error processing and retransmi ssion must be performed by the application progr am. Unicast A Unic ast sends a message to a single , specified receiver . In wireless networks, unic a st usually refers to an interaction in w[...]

  • Página 199

    194 ww w . g at eway . c om Ty p i c a l ly, a n Access Point is connected to a wired LAN . WDS lets access p o ints b e connected wirelessly . The access points ca n functi on as wireless repeaters or bridges. WEP W ired Equivalent Privacy (W EP) i s a d ata encrypt ion p rotoc ol f or 802 .11 wirele ss networks. All wireless stations and access p[...]

  • Página 200

    195 www .gate wa y .com WRAP Wireless Robu st Aut hentic ation Protoc ol (WRAP) is an enc ryption m ethod for 802.11i that uses AES but anoth er encry ption mode ( OC B ) for encr yption an d integrity . XML The Extensible Markup Language (XML) is a specification developed by the W3C. XML is a simple, flexible text format derived from St andard Gen[...]

  • Página 201

    196 ww w . g at eway . c om[...]

  • Página 202

    Appe nd ix B 197 Specifications[...]

  • Página 203

    198 ww w . g at eway . c om Gateway Y es No Comments Supports Infrastructure M ode X Supports Ad-Hoc Mode X Consol e P or t X Access th rough W eb-based con nection only Detacha ble Anten na(s) X 802.11g/b radio has de tachabl e antenna usi ng rev erse SMA co nnector , f or antenna replac ements provid ed by G atewa y . 802.11a d oes not allo w det[...]

  • Página 204

    199 www .gate wa y .com Wireless data rate s with Au to m at i c Fal lb a ck X 54 Mbps , 48 Mbps , 36 Mbps , 24 Mbps , 18 Mbps , 12 Mbps , 11 Mbps , 9 Mbps , 6 Mbps, 5.5 M bps, 2 Mbps , 1 Mbps Exte r nal Ante nna T ype X Singl e Det ach able Di pole Wireless F requency Ran ge X 802.11b&g L AN uses 2.40 00-2.4825 GH z band, 802.11a LAN uses 5.15[...]

  • Página 205

    200 ww w . g at eway . c om TFTP capab le X None 802.1q VLAN capable X Multiple SSID per radio X Suppor ts diff erent SSID for 802 .11a & 802.11b/g SSID Broadcas t Enable/Dis able X P er RF Radio MA C Filtering X Support for Al low or Den y Listing. Rad io En able/Di sable X Per RF Ra dio T urbo Mode X Increases data rat es to 72Mbps ( 802.11A [...]

  • Página 206

    Append ix C 201 Safe t y , Regulatory , and L egal Information[...]

  • Página 207

    202 ww w . g at eway . c om Impor tant safe t y inf ormation Y our Gateway access point i s designed and tested to meet the latest st andards for safety of information technology equ ipment. However , to ensure safe use of thi s product, it is impor tant that the safety instruc tions marked on the product and in th e documentation are foll owed. S [...]

  • Página 208

    203 www .gate wa y .com Pr eventing static electricity disc harge The components inside your AP are extremely se nsitive to static electr icity , also known as electrosta tic discharg e (ESD) . Ca re during use ■ D o n o t w a l k o n t h e p o w e r c o r d o r a l l o w a n y t h i n g t o r e s t o n i t . ■ Do not spill an ything on the acc[...]

  • Página 209

    204 ww w . g at eway . c om Regulat or y compl iance s tatem ents Wir eles s Guidance The Gateway 7 001 Series AP s, (low pow er Radio Frequen cy , RF , transmitting device) , operate in the 24 00-2483.5 MHz band fo r 802.11B&G and 5 GHz bands for 802.11 A. The follo wing section is a general overvi ew of considerations whi le operating the wir[...]

  • Página 210

    205 www .gate wa y .com United States of Americ a F ederal C ommunications C ommission (FC C) Intentional emi tter per FC C Par t 15 The power output of the AP is well below the RF exposure limits as kno wn at this time. Because this wireless device emits less ener gy than is allowed in radio frequency safety standards and recom mendations, Gateway[...]

  • Página 211

    206 ww w . g at eway . c om FC C declaration of c onformity Respo nsible pa rty: Gateway Companie s, Inc. 610 Gateway Drive, North Siou x City , SD 5704 9 (605) 232-2000 Fax: (605 ) 232-2023 Products: ■ Gateway 7001 AP For uniqu e identif ication of the produc t configuratio n, please submit the 10 -digit serial number fo und on the prod uct to t[...]

  • Página 212

    207 www .gate wa y .com Noti ces Copy r ight © 2004 Gate way , I nc. All Rights Reserved 14303 Gatewa y Place P owa y , CA 92064 USA All Ri ghts Reserv ed This publication is protected by copyright and all rights are re ser ved. No part of it ma y be reproduced or transmitted by any means or in any f or m, without prior consent in writing from Gat[...]

  • Página 213

    208 ww w . g at eway . c om[...]

  • Página 214

    209 www .gate wa y .com Inde x A access point adding to cluster 52 connecti ng to a network 18 definition 17 IP address 40 removing from cluster 51 setting up 16 turning on 20 unpackin g 16 access point settin gs understanding 50 access points clustered 57 finding 20 access poin ts management navigating to 41 adding a user 58 adding an acce ss poin[...]

  • Página 215

    210 ww w . g at eway . c om configuring g uest interface wired settings 73 configuring sec urity settings 87 configuring the g uest interface 10 0 configuring WD S settings 117 conne cting th e access p oint 18 D default conf iguration 27 default settings 5 def inition of ac cess po int 17 DHCP, understandi ng 12 disabling user accou nts 59 E editi[...]

  • Página 216

    211 www .gate wa y .com disabling 79 network time protocol settin gs navigating to 78 O operating system 9 P password admini strator 24 password, administrator 155 physically separate guest network 20 plain text s e curity mod e 81 progress bar for cluster auto-synch 45 providing a wireless network name 32 providing an administrator password 32 R r[...]

  • Página 217

    212 ww w . g at eway . c om understanding t he wire less distributi on system 112 unpacking the a ccess point 16 unwanted loops, WDS 113 , 114 upgrading the fi rmware 168 user adding 58 user account editing 59 user accounts disabling 59 enabling 59 removing 60 viewing 58 viewing a nd changing 58 user name administra tor 24 using guest network as a [...]

  • Página 218

    A MAN 7001 SRS ACC PTS GDE R1 05/04[...]