BarricadeTM N Draft 11n Wireless Broadband Router SMCWBR14S-N3
Draft 11n Wireless Broadband Router User Guide 20 Mason Irvine, CA 92618 Phone: (949) 679-8000 June 2009 Pub.
Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and reliable. However, no responsibility is assumed by SMC for its use, nor for any infringements of patents or other rights of third parties which may result from its use. No license is granted by implication or otherwise under any patent or patent rights of SMC. SMC reserves the right to change specifications at any time without notice. Copyright © 2009 by SMC Networks, Inc. 20 Mason Irvine, CA 92618 All rights reserved.
Warranty and Product Registration To register SMC products and to review the detailed warranty statement, please refer to the Support Section of the SMC Website at http://www.smc.com.
Compliances Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
EC Conformance Declaration Marking by the above symbol indicates compliance with the Essential Requirements of the R&TTE Directive of the European Union (1999/5/EC). This equipment meets the following conformance standards: • • • • EN 60950-1: 2006 Safety of Information Technology Equipment EN 50385: 2002 Generic standard to demonstrate the compliance of electronic and electrical apparatus with the basic restrictions related to human exposure to electromagnetic fields (0 Hz 300 GHz) EN 300328 V1.7.
Finnish Suomi SMC vakuuttaa täten että Radio LAN device tyyppinen laite on direktiivin 1999/5/EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen.
Polish Polski Portuguese Português SMC declara que este Radio LAN device está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/CE. Slovak Slovensky Slovenian Slovensko NCC Statement !" 、#$ , 、 !"%&' ()* +。 ,-.
About This Guide Purpose This guide details the hardware features of the wireless AP/Router, including its physical and performance-related characteristics, and how to install the device and use its configuration software. Audience This guide is for PC users with a working knowledge of computers. You should be familiar with Windows operating system concepts.
Table of Contents Chapter 1: Introduction Package Checklist Hardware Description Antennas LED Indicators Ethernet RJ-45 Ports Power Socket Reset Button WPS Button Hardware Installation Chapter 2: Installation Gateway Mode Bridge Mode 1-1 1-1 1-2 1-2 1-3 1-4 1-4 1-4 1-4 1-5 2-1 2-1 2-2 Chapter 3: Network Planning 3-1 Internet Gateway Router LAN Access Point Wireless Bridge 3-1 3-2 3-3 Chapter 4: Initial Configuration Using the Setup Wizard DHCP Static IP PPPoE L2TP PPTP 4-1 4-2 4-4 4-5 4-6 4-7 4-8 Ch
Contents L2TP PPTP LAN Setting Advanced Routing QoS Setting ALG Wireless Settings Basic Settings Advanced Wireless Settings WLAN Security Wi-Fi Protected Setup (WPS) Station List Firewall MAC/IP/Port Filtering Virtual Server Settings (Port Forwarding) DMZ System Security Content Filtering Administration Settings System Management Upgrade Firmware Configuration Settings System Status Statistics DHCP Clients System Log Reboot 5-9 5-11 5-13 5-15 5-17 5-18 5-19 5-20 5-25 5-30 5-37 5-39 5-40 5-40 5-42 5-43 5-44
Chapter 1: Introduction The SMCWBR14S-N3 wireless AP/Router is an IEEE 802.11n wireless gateway router that connects your Internet access device (cable or ADSL modem) to your PC or local area network, or to its own secure wireless network. The wireless AP/Router can be automatically configured with other Wi-Fi Protected Setup (WPS) devices by simply pressing its WPS button. For more detailed configuration, the unit can also be set up through its easy-to-use web interface.
1 Introduction Hardware Description Antennas Reset Button WPS Button Power Socket Ethernet WAN RJ-45 Port Ethernet LAN RJ-45 Ports Figure 1-1. Rear Panel Antennas The access point includes integrated MIMO antennas for wireless communications. A MIMO antenna system uses two or more identical antennas to receive and transmit signals, helping to increase data throughput and range.
1 Hardware Description LED Indicators The wireless AP/Router includes eight status LED indicators, as described in the following figure and table. Power 802.11n Link/Activity WPS Authentication WAN Link/Activity LAN Link/Activity Figure 1-2. LED Indicators LED Status Description POWER On Blue Indicates that the system is working normally. WAN On Blue Indicates a valid link on the WAN Ethernet port. Flashing indicates network activity.
1 Introduction *Slow blinking is an on-off cycle of once every 2 seconds. **Fast blinking is an on-off cycle of once of every 0.5 seconds. Ethernet RJ-45 Ports The wireless AP/Router has the following RJ-45 ports: • The four RJ-45 LAN ports are for connections to PCs or to a 10/100 Mbps network switch. • The RJ-45 WAN port is for connection to a DSL or cable modem, or to a LAN or other device that provides your Internet access.
1 Hardware Installation Hardware Installation 1. Select a Site – Choose a proper place for the wireless AP/Router. In general, the best location is at the center of your wireless coverage area, within line of sight of all wireless devices. For optimum performance, consider these points: • Mount the wireless AP/Router as high as possible above any obstructions in the coverage area.
1 1-6 Introduction
Chapter 2: Installation The wireless AP/Router has two basic operating modes that can be set through the web-based management interface. For information on setting the mode suitable for your network environment, see “Operation Mode configuration” on page 5-4. • Gateway Mode — Normal gateway mode that connects a wired LAN and wireless clients to an Internet access device, such as a cable or DSL modem. This is the factory set default mode.
2 Installation To connect the wireless AP/Router in Gateway Mode for use as an Internet gateway, follow these steps: 1. Connect an Ethernet cable from the wireless AP/Router’s WAN port to your Internet connected cable or ADSL modem. 2. Connect an Ethernet cable from the wireless AP/Router’s LAN port to your PC. Alternatively, you can connect to a workgroup switch to support multiple users. The wireless AP/Router can support up to 253 wired and wireless users. 3.
2 Bridge Mode 3. Set up wireless devices Notebook PC 2. Connect AC power 1.Connect LAN and WAN adapter to power source ports to an Ethernet LAN switch or PCs Figure 2-2. Bridge Mode Connection To connect the wireless AP/Router for use as an access point, follow these steps: 1. Using Ethernet cables, connect the wireless AP/Router’s LAN and WAN ports to PCs or a LAN switch. 2. Power on the wireless AP/Router by connecting the AC power adapter and plugging it into a power source.
2 2-4 Installation
Chapter 3: Network Planning The wireless AP/Router is designed to be very flexible in its deployment options. It can be used as an Internet gateway for a small network, or as an access point to extend an existing wired network to support wireless users. It also supports use as a wireless bridge to connect two wired LANs. This chapter explains some of the basic features of the wireless AP/Router and shows some network topology examples in which the device is implemented.
3 Network Planning The private local network, connected to the LAN port or wireless interface, provides a Dynamic Host Configuration Protocol (DHCP) server for allocating IP addresses to local PCs and wireless clients, and Network Address Translation (NAT) for mapping the multiple "internal" IP addresses to one "external" IP address.
Wireless Bridge 3 Wireless Bridge The IEEE 802.11 standard defines a Wireless Distribution System (WDS) for bridge connections between access points. The wireless AP/Router can use WDS to forward traffic on links between units. A single WDS bridge link can be specified for the WLAN1 interface. One end of a link must be configured as the “WDS Parent” and the other as the “WDS Child.” Note: The network domain of WDS child has to be the same as WDS parent.
3 3-4 Network Planning
Chapter 4: Initial Configuration The wireless AP/Router offers a user-friendly web-based management interface for the configuration of all the unit’s features. Any PC directly attached to the unit can access the management interface using a web browser, such as Internet Explorer (version 6.0 or above). This chapter describes the wireless AP/Router’s configurable features, all of which may be accessed through the web interface.
4 Initial Configuration Using the Setup Wizard There are only a few basic steps you need to set up the wireless AP/Router and provide a connection for network access for other wireless stations. The Setup Wizard takes you through configuration procedures for the general network settings. Follow these steps: 1. Launch the Setup Wizard – Click “Setting Wizard” on the left side of the screen to enter the setup wizard page. Click Next to begin the setup. Figure 4-2.
4 Using the Setup Wizard 2. Operation Mode Configuration – Select the operation mode required for the network environment. Figure 4-3. Setup Wizard - Operation Mode 3. NTP Setting – Select a time zone according to where the device is operated. Click Next after completing the setup. Figure 4-4.
4 4. Initial Configuration WAN Configuration – Specifies the Internet connection parameters for the wireless AP/Router is WAN port. Click Next after completing the setup. WAN Connection Type — By default, the access point WAN port is configured with DHCP enabled. After you have network access to the access point, you can use the web browser interface to modify the initial IP configuration, if needed. The options are Static IP, DHCP, PPPoE (ADSL), L2TP and PPTP.
Using the Setup Wizard 4 Static IP Configures a static IP for the WAN port. Figure 4-6. Setup Wizard - WAN Static IP • IP Address – The IP address of the wireless AP/Router. Valid IP addresses consist of four decimal numbers, 0 to 255, separated by periods. • Subnet Mask – The mask that identifies the host address bits used for routing to specific subnets.
4 Initial Configuration • MAC Clone Mode – Some ISPs limit Internet connections to a specified MAC address of one PC. This setting allows you to manually change the MAC address of the wireless AP/Router's WAN interface to match the PC's MAC address provided to your ISP for registration. You can enter the registered MAC address manually by typing it in the boxes provided.
4 Using the Setup Wizard L2TP Enables the Layer Two Tunneling Protocol (L2TP) for implementing virtual private networks. The service is provided in many European countries. Figure 4-8. Setup Wizard - WAN L2TP • Server IP – Sets the L2TP server IP Address. (Default: l2tp_server; Range: 1~32 characters) • Username – Sets the L2TP user name for the WAN port. (Default: l2tp_user; Range: 1~32 characters) • Password – Sets a L2TP password for the WAN port.
4 Initial Configuration • Default Gateway – The IP address of the gateway router for the wireless AP/ Router, which is used if the requested destination address is not on the local subnet. • MAC Clone Mode – Some ISPs limit Internet connections to a specified MAC address of one PC. This setting allows you to manually change the MAC address of the wireless AP/Router's WAN interface to match the PC's MAC address provided to your ISP for registration.
4 Using the Setup Wizard • Server IP – Sets the PPTP server IP Address. (Default: pptp_server) • Username – Sets the PPTP user name for the WAN port. (Default: pptp_user; Range: 1~32 characters) • Password – Sets a PPTP password for the WAN port. (Default: pptp_password; Range: 1~32 characters) • Verify Password – Prompts you to re-enter your chosen password. • Address Mode – Sets a PPTP network mode. (Default: Static) • IP Address – Sets the static IP address. (Default: 0.0.0.
4 Initial Configuration • Network Name (SSID) – The name of the wireless network service provided by the VAP. Clients that want to connect to the network must set their SSID to the same as that of the VAP interface. (Default: “WBR14S_N3_AP”; Range: 1-32 characters) • Security Policy – Configures the security mode used by clients. See “WLAN Security” on page 5-30.
Chapter 5: System Configuration The wireless AP/Router offers a user-friendly web-based management interface for the configuration of all the unit’s features. Any PC directly attached to the unit can access the management interface using a web browser, such as Internet Explorer (version 6.0 or above). This chapter describes the wireless AP/Router’s configurable features, all of which may be accessed through the web interface.
5 System Configuration The System Information page displays the System, Internet Configuration, and Local Network Settings. Figure 5-2. System Information (Gateway Mode) The information in this chapter is organized to reflect the structure of the web management screens for easy reference. The Configuration pages include the options in the table below. For details on configuration for each feature, see the corresponding page number.
5 Table 5-1.
5 System Configuration Operation Mode configuration The Operation Mode Configuration pages allow you to setup the mode suitable for your network environment. Figure 5-3. System Information (Gateway Mode) • Bridge Mode – An access point mode that extends a wired LAN to wireless clients. • Gateway Mode – Normal gateway mode that connects a wired LAN and wireless clients to an Internet access device, such as a cable or DSL modem. This is the factory set default mode. • NAT – Enable NAT settings.
5 Internet Settings Internet Settings The Internet Settings pages allow you to manage basic system configuration settings. Note: In Bridge mode, the wireless AP/Router’s Internet Settings options are significantly reduced. WAN Setting Specifies the Internet connection parameters. Click on “Internet Settings” followed by “WAN”. WAN Connection Type — By default, the access point WAN port is configured with DHCP enabled.
5 System Configuration • Hostname (Optional) – The hostname of the DHCP client. • MAC Clone Mode – Some ISPs limit Internet connections to a specified MAC address of one PC. This setting allows you to manually change the MAC address of the wireless AP/Router's WAN interface to match the PC's MAC address provided to your ISP for registration. You can enter the registered MAC address manually by typing it in the boxes provided.
Internet Settings 5 • Default Gateway – The IP address of the gateway router for the wireless AP/ Router, which is used if the requested destination address is not on the local subnet. • Primary DNS Server – The IP address of the Primary Domain Name Server on the network. A DNS maps numerical IP addresses to domain names and can be used to identify network hosts by familiar names instead of the IP addresses.
5 System Configuration • PPPoE Username – Sets the PPPoE user name for the WAN port. (Default: pppoe_user; Range: 1~32 characters) • PPPoE Password – Sets a PPPoE password for the WAN port. (Default: pppoe_password; Range: 1~32 characters) • Verify Password – Prompts you to re-enter your chosen password. • Operation Mode – Selects the operation mode as Keep Alive, On Demand or Manual.
5 Internet Settings L2TP Enables the Layer Two Tunneling Protocol (L2TP) for implementing virtual private networks. The service is provided in many European countries. Figure 5-7. Setup Wizard - WAN L2TP • Server IP – Sets the L2TP server IP Address. (Default: l2tp_server; Range: 1~32 characters) • Username – Sets the L2TP user name for the WAN port. (Default: l2tp_user; Range: 1~32 characters) • Password – Sets a L2TP password for the WAN port.
5 System Configuration • Subnet Mask – Sets the static IP subnet mask. (Default: 255.255.255.0, available when L2TP Network Mode is set to static IP.) • Default Gateway – The IP address of the gateway router for the wireless AP/ Router, which is used if the requested destination address is not on the local subnet. • Operation Mode – Selects the operation mode as Keep Alive, On Demand or Manual.
5 Internet Settings PPTP Enables the Point-to-Point Tunneling Protocol (PPTP) for implementing virtual private networks. The service is provided in many European countries. Figure 5-8. Setup Wizard - WAN PPTP • Server IP – Sets a PPTP server IP Address. (Default: pptp_server) • Username – Sets the PPTP user name for the WAN port. (Default: pptp_user; Range: 1~32 characters) • Password – Sets a PPTP password for the WAN port.
5 System Configuration • Default Gateway – The IP address of the gateway router for the wireless AP/ Router, which is used if the requested destination address is not on the local subnet. • Operation Mode – Selects the operation mode as Keep Alive, On Demand or Manual. (Default: Keep Alive) - Keep Alive Mode: The wireless AP/Router will periodically check your Internet connection and automatically re-establish your connection when disconnected.
Internet Settings 5 LAN Setting The wireless AP/Router must have a valid IP address for management using a web browser and to support other features. The unit has a default IP address of 192.168.2.1. You can use this IP address or assign another address that is compatible with your existing local network. Click on “Internet Settings” followed by “LAN.” Figure 5-9.
5 System Configuration • LAN IP Address – Valid IP addresses consist of four decimal numbers, 0 to 255, separated by periods. The default setting is 192.168.2.1. • Subnet Mask – Indicate the local subnet mask. (Default: 255.255.255.0.) • MAC Address – The shared physical layer address for the wireless AP/Router’s LAN ports. • DHCP Type – Select this option to obtain the IP settings for the access point from a DHCP (Dynamic Host Configuration Protocol) server.
5 Internet Settings • DNS Proxy – Enables DNS proxy on the LAN port. DNS Proxy receives DNS queries from the local network and forwards them to an Internet DNS server. (Default: Disable) Advanced Routing Routing setup allows a manual method to set up routing between networks. The network administrator configures static routes by entering routes directly into the routing table. Static routing has the advantage of being predictable and easy to configure.
5 System Configuration Routing Table This page displays the information necessary to forward a packet along the best path toward its destination. Each packet contains information about its origin and destination. When a packet is received, a network device examines the packet and matches it to the routing table entry providing the best match for its destination. The table then provides the device with instructions for sending the packet to the next hop on its route across the network.
Internet Settings 5 Dynamic Route The wireless AP/Router supports RIP 1 and RIP 2 dynamic routing protocol. Routing Information Protocol (RIP) is the most widely used method for dynamically maintaining routing tables. RIP uses a distance vector-based approach to routing. Routes are chosen to minimize the distance vector, or hop count, which serves as a rough estimate of transmission cost. Each router broadcasts its advertisement every 30 seconds, together with any updates to its routing table.
5 System Configuration Bandwidth QoS Setting — The maximum upload speed of the Internet connection on the WAN port. • Quality of Service – Enables the QoS. (Default: Enable) • Upload Bandwidth – Sets the maximum upload bandwidth. (Default: user defined) ALG The application gateway settings provide a filter for certain protocol data (such as FTP and SIP) to pass through the wireless AP/Router NAT and firewall restrictions. Figure 5-14.
5 Wireless Settings • FTP Support – Allows FTP packets to pass through the wireless AP/Router. • TFTP Support – Allows TFTP packets to pass through the wireless AP/Router. • H.323 Support – Allows H.323 packets to pass through the wireless AP/Router to support audio, data and video conferencing for teleconferencing. • SIP Support – Allows SIP packets to pass through the wireless AP/Router.
5 System Configuration Basic Settings The Basic Setting page allows you to enable the wireless interface, select which radio mode to use, choose the transmit frequency and configure SSIDs. Click on “Wireless Settings,” followed by “Basic”. Note: There are several variables to consider when selecting a radio mode that make it fully functional. Simply selecting the mode you want is not enough to ensure full compatibility for that mode.
5 Wireless Settings - 802.11b/g Mixed: Both 802.11b and 802.11g clients can communicate with the wireless AP/Router (up to 108 Mbps), but data transmission rates may be slowed to compensate for 802.11b clients. Any 802.11n clients will also be able to communicate with the wireless AP/Router, but they will be limited to 802.11g protocols and data transmission rates. - 802.11b only: All 802.11b, 802.11g, and 802.11n clients will be able to communicate with the wireless AP/Router, but the 802.11g and 802.
5 System Configuration radio channel. (The supported channels are dependent on the country code setting.) Wireless Distribution System (WDS) The WLAN1 radio interface can be configured to operate in a mode that allows it to forward traffic directly to other access point units. To set up links between access point units, you must configure the Wireless Distribution System (WDS) forwarding table by specifying the wireless MAC address of all units to which you want to forward traffic.
Wireless Settings 5 WDS Setting — Configures WDS related parameters. Up to four MAC addresses can be specified for each unit in the WDS network. WDS links may either be manually configured (Bridge and Repeater modes) or auto-discovered (Lazy mode). • WDS Mode – Selects the WDS mode of WLAN1. (Options: Disable/Lazy/Bridge/ Repeater. Default: Disable) - Disable: WDS is disabled.
5 System Configuration • HT Operation Mode – Packets from 802.11n clients are referred to as High Throughput (HT) Greenfield packets, in other words packets that can be transmitted at rates of up to 300 Mbps assuming that HT Channel Bandwidth is set to 20/40Mhz, see HT Channel Bandwidth next page. Note: Some 802.11n wireless clients may be capable of transmission rates of up to 600 Mbps, however the wireless AP/Router will only be able to connect to them at a maximum transmission rate of 300 Mbps. 802.
5 Wireless Settings Other HT Settings Figure 5-18. HT Physical Mode Settings • HT TxStream – HT means High Throughput. The number of HT TxStream means how many antennas will transmit data simultaneously. (Options: 1 or 2. Default: 2) • HT RxStream – The number of HT RxStream means how many antennas will receive data simultaneously. (Options: 1 or 2.
5 System Configuration • BG Protection – Enables a backward compatible protection system for 802.11b clients. There are three modes. (Default: Auto): - Auto: The wireless AP/Router enables its protection mechanism for 802.11b clients when they are detected in the network. When 802.11b clients are not detected, the protection mechanism is disabled. - On: Forces the unit to always use protection for 802.11b clients, whether they are detected in the network or not.
5 Wireless Settings • RTS Threshold – Sets the packet size threshold at which a Request to Send (RTS) signal must be sent to a receiving station prior to the sending station starting communications. The access point sends RTS frames to a receiving station to negotiate the sending of a data frame. After receiving an RTS frame, the station sends a CTS (clear to send) frame to notify the sending station that it can start sending data.
5 System Configuration Figure 5-20. Wi-Fi Multimedia Settings • WMM Capable – Wi-Fi Multimedia (WMM), also known as Wireless Multimedia Extensions (WME), is a Wi-Fi Alliance interoperability certification. It provides basic Quality of Service (QoS) features for IEEE 802.11 wireless network. Enabling WMM support provides prioritization of Wi-Fi data packets on four categories voice, video, best effort, and background.
5 Wireless Settings Table 5-2. WMM Access Categories Access Category WMM Designation Description 802.1D Tags AC_BE (AC0) Best Effort Normal priority, medium delay and throughput. 0, 3 Data only affected by long delays. Data from applications or devices that lack QoS capabilities. AC_BK (AC1) Background Lowest priority. Data with no delay or throughput 2, 1 requirements, such as bulk data transfers.
5 System Configuration WMM BSS Parameters – These parameters apply to the wireless clients. WMM AP Parameters – These parameters apply to the access point. • logCWMin (Minimum Contention Window) – The initial upper limit of the random backoff wait time before wireless medium access can be attempted. The initial wait time is a random value between zero and the CWMin value. Specify the CWMin value in the range 0-15 microseconds. Note that the CWMin value must be equal or less than the CWMax value.
5 Wireless Settings The security mechanisms that may be employed depend on the level of security required, the network and management resources available, and the software support provided on wireless clients. Click on “Wireless Settings,” followed by “Security”. Security The wireless AP/Router supports two virtual access point (VAP) interfaces referred to as WLAN1 and WLAN2. Each VAP functions as a separate access point, and can be configured with its own security settings.
5 System Configuration Security Settings — The security settings determine the authentication mode and enable WEP keys. • Authentication Mode – Configures the authentication mode used by clients. (WLAN1/WLAN2 Defaults: Open) - Open: Open-system authentication accepts any client attempting to connect the wireless AP/Router without verifying its identity. In this mode the default encryption type is "None.
Wireless Settings 5 - WEP Auto: Allows WLAN clients to associate using Open-WEP (uses WEP for encryption only) or Shared-WEP (uses WEP for authentication and encryption). If enabled, you must configure at least one key for the VAP interface and all its clients. Wired Equivalent Privacy (WEP) provides a basic level of security, preventing unauthorized access to the network and encrypting data transmitted between wireless clients and the wireless AP/Router.
5 System Configuration - WPA2: The WPA Enterprise mode uses IEEE 802.1X as its basic framework for user authentication and dynamic key management. IEEE 802.1X access security uses Extensible Authentication Protocol (EAP) and requires a configured RADIUS authentication server to be accessible in the enterprise network. If you select WPA or WPA2 Enterprise mode, be sure to configure the RADIUS settings. See “RADIUS” on page 5-36 for more information.
5 Wireless Settings - 802.1x: IEEE 802.1X is a standard framework for network access control that uses a central RADIUS server for user authentication. This control feature prevents unauthorized access to the network by requiring an 802.1X client application to submit user credentials for authentication. The 802.1X standard uses the Extensible Authentication Protocol (EAP) to pass user credentials (either digital certificates, user names and passwords, or other) from the client to the RADIUS server.
5 System Configuration • Default Key ID – Sets the WEP key used for authentication. (Default: 1; Range: 1~4) • Key 1 ~ Key 4 – Sets WEP key values. The user must first choose between ASCII or Hexadecimal keys. At least one key must be specified. Each WEP key has an index number. The selected key is used for authentication and encryption on the VAP interface. Enter key values that match the key type and length settings.
5 Wireless Settings RADIUS Setting — Configures RADIUS server settings. Note: RADIUS settings only apply to WPA, WPA2, or WPA/WPA2 Enterprise modes. • RADIUS Server IP Address – Specifies the IP address of the RADIUS server. • RADIUS Server Port – The User Datagram Protocol (UDP) port number used by the RADIUS server for authentication messages. (Range: 1024-65535; Default: 1812) • RADIUS Server Shared Secret – A shared text string used to encrypt messages between the access point and the RADIUS server.
5 System Configuration Figure 5-24. WPS Settings WPS Settings — Enables WPS, locks security settings, and refreshes WPS configuration information. • WPS Config – Enables WPS. (Default: Disable) WPS Summary – Provides detailed WPS statistical information. • WPS Current Status – Displays if there is currently any WPS traffic connecting to the wireless AP/Router. (Options: Start WSC Process; Idle; Default: Idle) • WPS Configured – States if WPS for wireless clients has been configured for this device.
Wireless Settings 5 Figure 5-25. WPS Progress Settings WPS Config — Configures WPS settings for the wireless AP/Router. • WPS Mode – Selects between methods of broadcasting the WPS beacon to network clients wanting to join the network: - PIN: The wireless AP/Router, along with other WPS devices, such as notebook PCs, cameras, or phones, all come with their own eight-digit PIN code. When one device, the WPS enrollee, sends a PIN code to the wireless AP/Router, it becomes the WPS registrar.
5 System Configuration Firewall The wireless AP/Router provides extensive firewall protection by restricting connection parameters to limit the risk of intrusion and defending against a wide array of common hacker attacks. MAC/IP/Port Filtering MAC/IP/Port filtering restricts connection parameters to limit the risk of intrusion and defends against a wide array of common hacker attacks. IP/Port filtering allows the unit to permit, deny or proxy traffic through its MAC addresses, IP addresses and ports.
5 Firewall • MAC/IP/Port Filtering – Enables or disables MAC/IP/Port Filtering. (Default: Disable) • Default Policy – When MAC/IP/Port Filtering is enabled, the default policy will be enabled. If you set the default policy to “Dropped”, all incoming packets that don’t match the rules will be dropped and vise versa. (Default: Disable) • MAC Address – Specifies the MAC address to block or allow traffic from. • Destination IP Address – Specifies the destination IP address to block or allow traffic from.
5 System Configuration Virtual Server Settings (Port Forwarding) Virtual Server (sometimes referred to as Port Forwarding) is the act of forwarding a network port from one network node to another. This technique can allow an external user to reach a port on a private IP address (inside a LAN) from the outside through a NAT-enabled router. (Maximum 32 entries are allowed.) Figure 5-29.
5 Firewall Current Port Forwarding Table The Current Port Forwarding Table displays the entries that are allowed to forward packets through the wireless AP/Router’s firewall. • Select – Selects an entry in the Current Port Forwarding Table. • IP Address – Displays an IP address on the local network to allow external access to. • Port Range – Displays the local port range. • Protocol – Displays the protocol used for forwarding of this port.
5 System Configuration System Security The ADSL/Router includes the facility to manage it from a remote location. The unit can also be sent a ping message from a remote location. Figure 5-31. System Security Settings • Remote Management – Denies or allows a remote access via WAN. (Default: Deny) • Ping from WAN Filter – Sends a ping request on the WAN port to test for connectivity.
5 Firewall Content Filtering The wireless AP/Router provides a variety of options for blocking Internet access based on content, URL and host name. Figure 5-32. Filter Settings Webs Content Filter Settings — The wireless AP/Router blocks access to specific traffic such as proxies, Java Applets and ActiveX. Check the box for whichever service to be blocked then click “Apply”. • Content Filter – Selects Webs content filters.
5 System Configuration • Current URL Filters – Displays current URL filter. • Add a URL Filter – Adds a URL filter to the settings. For example, myhost.example.com. Webs Host Filter Settings — The wireless AP/Router allows Internet content access to be restricted based on web address keywords and web domains. A domain name is the name of a particular web site. For example, for the address www.FUNGAMES.com, the domain name is FUNGAMES.com. Enter the Keyword then click “Add”.
5 Administration Settings Administrator Settings To protect access to the management interface, you need to configure a new Administrator’s user name and password as soon as possible. If a new user name and password are not configured, then anyone having access to the wireless AP/ Router may be able to compromise the unit's security by entering the default values. Once a new Administrator has been configured, you can delete the default “admin” user name from the system. • Username – The name of the user.
5 System Configuration Green AP Settings The GreenAP feature is used for reducing the wireless AP/Router's power consumption. Before setting the Green AP duration, you need to configure the NTP settings first, then choose one of the options from Action drop-down list. The WiFi Tx Power indicates how much antenna power you want to use. Less power means the wireless AP/Router can only cover a shorter range. The final step is to set the GreenAP duration.
5 Administration Settings • Dynamic DNS Provider – Specifies the DDNS service provider, DynDns.org, Freedns.afraid.org, ZoneEdit.com or Non-IP.com. (Default: DynDns.org) • DDNS Account – Specifies your username for the DDNS service. • DDNS Password – Specifies your password for the DDNS service. • Apply – Saves and sends the enabled DDNS configuration to the DDNS server. • Cancel – Cancels the previous DDNS configuration information.
5 System Configuration Configuration Settings The Configuration Setting page allows you to save the wireless AP/Router’s current configuration or restore a previously saved configuration back to the device. Figure 5-38. Configuration Settings • Load Factory Defaults – Restores the factory defaults. • Export – Saves the current configuration to a file locally. • Import – Allows the user to load previously saved configuration files from a local source.
5 Administration Settings System Info — Displays the basic system information in both Bridge and Gateway Modes: • Software Version – The version number of the current wireless AP/Router software. • Hardware Version – The version number of the current wireless AP/Router hardware. • System Up Time – Length of time the management agent has been up, specified in hours and minutes. • Operation Mode – Displays the hardware setting determined by the switch on the base of the unit. Figure 5-40.
5 System Configuration Figure 5-41. System Information - Local Network (Gateway Mode) Local Network — Displays the basic LAN information: • Local IP Address – The IP address configured on the wireless AP/Router. • Local Netmask – The mask that identifies the host address bits used for routing to the LAN port. • MAC Address – The shared physical layer address for the wireless AP/Router’s LAN ports.
5 Administration Settings The following items are displayed on this page: • Memory total – The total memory of this wireless AP/Router. • Memory left – The available memory of this wireless AP/Router. • Interface – Displays the interface on which traffic is being monitored. • Rx packets – Displays the total number of packets received by the specified interface. • Rx bytes – Displays the total number of bytes transmitted by the specified interface.
5 System Configuration System Log The wireless AP/Router supports a logging process that controls error messages saved to memory or sent to a Syslog server. The logged messages serve as a valuable tool for isolating wireless AP/Router and network problems. The System Log page displays the latest messages logged in chronological order, from the newest to the oldest. Log messages saved in the wireless AP/Router’s memory are erased when the device is rebooted. Figure 5-44.
Appendix A: Troubleshooting Check the following items before you contact local Technical Support. 1. If wireless clients cannot access the network, check the following: • Be sure the access point and the wireless clients are configured with the same Service Set ID (SSID). • If authentication or encryption are enabled, ensure that the wireless clients are properly configured with the appropriate authentication or encryption keys. 2.
A Troubleshooting Diagnosing LED Indicators Troubleshooting Chart Symptom Action POWER LED is Off • The AC power adapter may be disconnected. Check connections between the wireless AP/Router, the power adapter, and the wall outlet. WLAN LED is Off • The wireless AP/Router’s radio has been disabled through it’s web management interface. Access the management interface using a web browser to enable the radio.
Appendix B: Specifications Operating Frequency 802.11b/g/n: 2.412 ~ 2.462 GHz (USA, Canada Ch1- Ch11) 2.412 ~ 2.472 GHz (Europe Ch1- Ch13) 2.412 ~ 2.484 GHz (Japan Ch1- Ch14) 2.412 ~ 2.462 GHz (Taiwan Ch1-Ch11) Data Rate 802.11b: 1, 2, 5.5, 11 Mbps per channel 802.11g: 6, 9, 12, 18, 24, 36, 48, 54 Mbps per channel Draft 802.11n (20MHz, 400ns GI): 7.2, 14.4, 21.7, 28.9, 43.3, 57.8, 65, 72.2, 14.4, 28.9, 43.3, 57.8, 86.7, 115.6, 130, 144.4 Mbps per channel Draft 802.
B Specifications Humidity 5% to 95% (non-condensing) Compliances FCC Part 15B Class B EN 55022 EN 55024 EN61000-3-2 EN61000-3-3 Radio Signal Certification FCC Part 15C 15.247, 15.207 (2.4 GHz) EN 300 328 EN 301 489-1 EN 301 489-17 Standards IEEE 802.11b/g IEEE 802.11n draft v2.0 Physical Size 184 x 130 x 34.6 mm (7.24 x 5.11 x 1.36 in) Weight 255 g (9.
Appendix C: License Information This product includes copyrighted third-party software subject to the terms of the GNU General Public License (GPL), GNU Lesser General Public License (LGPL), or other related free software licenses. The GPL code used in this product is distributed WITHOUT ANY WARRANTY and is subject to the copyrights of one or more authors. For details, refer to the section "The GNU General Public License" below, or refer to the applicable license as included in the source-code archive.
C License Information We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software.
The GNU General Public License C a). You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b). You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c).
C License Information c). Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it.
The GNU General Public License C you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.
C License Information NO WARRANTY 1. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
Glossary 10BASE-T IEEE 802.3-2005 specification for 10 Mbps Ethernet over two pairs of Category 3 or better UTP cable. 100BASE-TX IEEE 802.3-2005 specification for 100 Mbps Fast Ethernet over two pairs of Category 5 or better UTP cable. Access Point An internetworking device that seamlessly connects wired and wireless networks. Access points attached to a wired network, support the creation of multiple radio cells that enable roaming throughout a facility.
Glossary Encryption Data passing between the access point and clients can use encryption to protect from interception and evesdropping. Ethernet A popular local area data communications network, which accepts transmission from computers and terminals. File Transfer Protocol (FTP) A TCP/IP protocol used for file transfer. Hypertext Transfer Protocol (HTTP) HTTP is a standard used to transmit and receive all data over the World Wide Web. IEEE 802.
Glossary Open System A security option which broadcasts a beacon signal including the access point’s configured SSID. Wireless clients can read the SSID from the beacon, and automatically reset their SSID to allow immediate connection to the nearest access point. Orthogonal Frequency Division Multiplexing (ODFM) OFDM allows multiple users to transmit in an allocated band by dividing the bandwidth into many narrow bandwidth carriers.
Glossary Virtual Access Point (VAP) Virtual AP technology multiplies the number of Access Points present within the RF footprint of a single physical access device. With Virtual AP technology, WLAN users within the device’s footprint can associate with what appears to be different access points and their associated network services. All the services are delivered using a single radio channel, enabling Virtual AP technology to optimize the use of limited WLAN radio spectrum.
Index IP address 4-5, 5-6, 5-14, 5-51 A AC power adapter 1-4 administrator password 5-47 administrator username 5-47 Advanced Setting menu 5-25 AES 5-35 AP mode 2-1, 2-2 authentication mode 5-32 L LAN setting 5-13 LED indicators 1-3 M MDI/MDI-X, automatic 1-4 N B bridge 3-4, 5-23 NTP server 5-47 C P channels, maximum B-1 clients, maximum B-1 contents, package 1-1 D DDNS 5-48 DHCP client list 5-53 DHCP server address 5-51 E Ethernet ports 1-4 F firmware version 5-51 G gateway address 5-12, 5-15
Index WLAN setting 5-20 WPA/WPA2 5-30, 5-33 WPS 5-37 Index-2 WPS button 1-4 WPS, PBC 5-39 WPS, PIN 5-39
SMCWBR14S-N3 20 Mason • Irvine, CA 92618 • Phn: 949-679-8000 • www.smc.
