User Manual

ManualsBrandsNetgear ManualsComputers & Accessories802.11g Prosafe Wireless Access Point

Table Of Contents

BETA

December 2005

NETGEAR, Inc.

4500 Great America Parkway

Santa Clara, CA 95054 USA

Reference Manual for the

NETGEAR ProSafe

802.11g Wireless Access

Point WG302

Summary of content (112 pages)

PAGE 1
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 NETGEAR, Inc.
PAGE 2
Technical Support Please register to obtain technical support. Please retain your proof of purchase and warranty information. To register your product, get product support or obtain product information and product documentation, go to http://www.NETGEAR.com. If you do not have access to the World Wide Web, you may register your product by filling out the registration card and mailing it to NETGEAR customer service. You will find technical support information at: http://www.NETGEAR.
PAGE 3
Declaration of Conformity Operation is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. To assure continued compliance, any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment.
PAGE 4
Antenna Statement for North America and Australia In addition to its own antenna, the WG302 device has been approved for use with the following detachable antennas and . antenna cables. Approved Antennas Antenna Gain and type Approved Antenna Cable Antenna Cable Length NETGEAR ANT24D18 14 dBi, directional outdoor/indoor NETGEAR ACC-1031401 thru 05 30 m NETGEAR ANT2409 8.
PAGE 5
PAGE 6
PAGE 7
PAGE 8
viii v0.
PAGE 9
Contents Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Chapter 1 About This Manual Audience, Scope, Conventions, and Formats ................................................................1-1 How to Use This Manual ................................................................................................1-2 How to Print this Manual .................................................................................................
PAGE 10
Basic IP Settings ..........................................................................................................3-10 Wireless Settings .......................................................................................................... 3-11 Security Profiles ............................................................................................................3-13 Before You Change the SSID and WEP Settings ..................................................
PAGE 11
Wi-Fi Multimedia (WMM) Setup ...............................................................................5-6 Hotspot Settings .......................................................................................................5-6 Configuring Wireless LAN Parameters ....................................................................5-7 Wireless Bridging and Repeating ...................................................................................5-8 Point-to-Point Bridge Configuration .............
PAGE 12
WPA and WPA2 Wireless Security .................................................................................8-8 How Does WPA Compare to WEP? .........................................................................8-9 How Does WPA Compare to WPA2 (IEEE 802.11i)? ...............................................8-9 What are the Key Features of WPA and WPA2 Security? .......................................8-9 Is WPA/WPA2 Perfect? ..............................................................................
PAGE 13
Chapter 1 About This Manual This chapter describes the intended audience, scope, conventions, and formats of this manual. Audience, Scope, Conventions, and Formats This reference manual assumes that the reader has basic to intermediate computer and Internet skills. However, basic computer network, Internet, firewall, and VPN technologies tutorial information is provided on the NETGEAR website. This guide uses the following typographical conventions: Table 1-1.
PAGE 14
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 This manual is written for the WG302 Wireless Access Point according to these specifications: Table 1-2. Manual Scope Product Version NETGEAR ProSafe 802.11g Wireless Access Point WG302 Manual Publication Date December 2005 Note: Product updates are available on the NETGEAR, Inc. Web site at http://kbserver.netgear.com/products/WG302.asp.
PAGE 15
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 — Click the PDF of This Chapter link at the top right of any page in the chapter you want to print. The PDF version of the chapter you were viewing opens in a browser window. — Your computer must have the free Adobe Acrobat reader installed in order to view and print PDF files. The Acrobat reader is available on the Adobe Web site at http://www.adobe.com. — Click the print icon in the upper left of the window.
PAGE 16
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 1-4 About This Manual v0.
PAGE 17
Chapter 2 Introduction This chapter introduces the NETGEAR ProSafe 802.11g Wireless Access Point WG302. Minimal prerequisites for installation are presented in “System Requirements” on page 2-6. About the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The NETGEAR ProSafe 802.11g Wireless Access Point WG302 is the basic building block of a wireless LAN infrastructure.
PAGE 18
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Key Features The WG302 Wireless Access Point is easy-to-use and provides solid wireless and networking support. Supported Standards and Conventions The following standards and conventions are supported: • Standards Compliant. The Wireless Access Point complies with IEEE 802.11g standards for Wireless LANs. • WEP support. Support for WEP is included. 64-bit, 128-bit, and 152-bit keys are supported. • Full WPA and WPA2 support.
PAGE 19
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 – Point-to-Multi-Point Bridge. Select this only if this WG302 is the “Master” for a group of bridge-mode wireless stations. The other bridge-mode wireless stations must be set to Point-to-Point Bridge mode, using this WG302's MAC address. They then send all traffic to this “Master,” rather than communicate directly with each other. You should use wireless security to protect this traffic. – Wireless Repeater.
PAGE 20
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Virtual APs. A single AP is segregated into multiple individual virtual APs simulating multiple APs in a single system. This segregation allows you to enforce different security mechanisms for different clients on the same AP. Virtual AP also provides better control over broadcast and multicast traffic for increased network performance. • Wireless VLAN Support.
PAGE 21
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The WG302 also supports the following wireless features: • Distributed coordinated function (CSMA/CA, Back off procedure, ACK procedure, retransmission of unacknowledged frames) • RTS/CTS handshake • Beacon generation • Packet fragmentation and reassembly • Short or long preamble • Roaming among access points on the same subnet Autosensing Ethernet Connections with Auto Uplink The WG302 can connect to a standard Ethernet network.
PAGE 22
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 System Requirements Before installing the WG302, make sure you have the following equipment and that your system meets these requirements: • A 10/100 Mbps Local Area Network device such as a hub or switch. • The Category 5 UTP straight through Ethernet cable with RJ-45 connector included in the package, or one like it • A 100-240 V, 50-60 HZ AC power source.
PAGE 23
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Hardware Description This section describes the WG302 front and rear hardware functions. Front Panel Figure 2-1 Viewed from left to right, the WG302 has these status LEDs: PWR, TEST, LAN, and 802.11g WLAN. LED Description PWR Power Indicator TEST Off No power. If this LED does not come on with the power adapter and cord correctly installed, see Chapter 6, “Troubleshooting. On Power is on.
PAGE 24
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 LED Description 802.11g WLAN Wireless LAN Link Activity Indicator (2.4 MHz) Off No wireless link activity. Green Blink Wireless link activity. Rear Panel 1 2 1 3 4 5 Figure 2-2 Viewed from left to right, the back of the WG302 provides the following: 1. Left and Right Detachable Antennas.The WG302 provides two detachable antennas. 2. Reset button. This restores the default factory settings. 3. Serial Console Port.
PAGE 25
Chapter 3 Basic Installation and Configuration This chapter describes how to set up your NETGEAR ProSafe 802.11g Wireless Access Point WG302 for wireless connectivity to your LAN. This basic configuration enables computers with 802.11b or 802.11g wireless adapters to do such things as connect to the Internet or access printers and files on your LAN.. Note: Indoors, computers can connect over 802.11g wireless networks at ranges of several hundred feet or more.
PAGE 26
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 For best results, place your wireless access point: • Near the center of the area in which your PCs operate. • In an elevated location such as a high shelf where the wirelessly connected PCs have line-of-sight access (even if through walls). • Away from sources of interference, such as PCs, microwaves, and 2.4 GHz cordless phones. • Away from large metal surfaces.
PAGE 27
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Feature Factory Default Settings IP Configuration IP Address: 192.168.1.128 Subnet Mask: 255.255.255.0 Gateway: 0.0.0.0 802.11g Network Name (SSID) NETGEAR-0 Broadcast Network Name (SSID) Enabled 802.
PAGE 28
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 WG302 :LUHOHVV 'DWD 6HFXULW\ 2SWLRQV 5DQJH 8S WR )RRW 5DGLXV ฀ ฀ ฀ ฀ ฀ ฀ ฀ ฀ ฀ ฀ ฀฀ ฀ ฀ ฀฀ ฀ ฀ ฀ ฀฀ ฀ ฀ ฀ ฀ ฀ ฀ ฀ ฀฀ ฀ ฀ ฀ ฀ Figure 3-1 There are several ways you can enhance the security of your wireless network: • Restrict Access Based on MAC address. You can restrict access to only trusted PCs so that unknown PCs cannot wirelessly connect to the WG302.
PAGE 29
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Use AutoCell Enhanced RF Security ‘Stealth Mode.’ In addition to standard encryption and security mechanisms such as WEP and WPA, the WG302 AutoCell feature provides self-organizing micro cells for an additional level of privacy for enterprises. In this mode, AutoCell shrinks the size of coverage to the minimum to reach clients but also shrinks the size of the beacons that access points use to announce their presence.
PAGE 30
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 – When prompted, enter admin for the user name, and password for the password, both in lower case letters. The Web browser displays the WG302 main menu and General page, as shown below. Click to view documentation Click to log out. After five minutes with no activity, you are logged out automatically. Figure 3-2 3-6 Basic Installation and Configuration v0.
PAGE 31
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 b. Click the Basic Settings link to view the Basic Settings menu. c. Configure the settings for your network and click Apply. Figure 3-3 d. Click Wireless Settings in the Setup section of the main menu to view the Wireless Settings menu. Figure 3-4 e. Enter the wireless settings. See the online help or “Wireless Settings” on page 3-11 for full instructions.
PAGE 32
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Now that you have finished the setup, you are ready to deploy the WG302 in your network. If needed, you can now reconfigure the computer you used for this process back to its original TCP/IP settings. 3. Deploy the WG302 Wireless Access Point a. Disconnect the WG302 and put it where you will deploy it.
PAGE 33
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Logging in to the WG302 Using Its Default IP Address The default IP address of your access point is 192.168.1.128. The WG302 is set, by default, for the DHCP client to be disabled. Note: The computer that you use to connect to the WG302 should be configured with an IP address that starts with 192.168.1.x and a Subnet Mask of 255.255.255.0. 1. Open a Web browser such as Internet Explorer, Netscape Navigator, or Mozilla Firefox. 2.
PAGE 34
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Basic IP Settings To configure the basic settings of your wireless access point, click Basic Settings in the Setup section of the WG302 main menu. The Basic Settings menu appears, as shown in Figure 3-7. Figure 3-7 The Basic Settings default values described in the following list work for most users and situations. • Access Point Name. This unique name is the access point NetBIOS name.
PAGE 35
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • IP Subnet Mask. Enter the subnet mask value used on your LAN (factory default: 255.255.255.0). • Default Gateway. Enter the IP address of the Gateway for your LAN. For more complex networks, enter the address of the router for the network segment to which the wireless access point is connected (factory default: 0.0.0.0). • DNS Server. Enter the IP address of the DNS (Domain Name Server) you wish to use (factory default: 0.
PAGE 36
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The Wireless Settings menu options are discussed below. Note: Channel selection and power management are automatically adjusted by the AutoCell Auto RF Management option. The Auto RF Management option is enabled by default. • Country/Region. This is the region where the WG302 can be used. It may not be legal to operate the wireless features of the wireless access point in a region other than one of those identified in this field.
PAGE 37
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 – In “Infrastructure” mode, wireless stations normally scan all channels, looking for an access point. If more than one access point can be used, the one with the strongest signal is used. This can only happen when the access points use the same SSID. See http://documentation.netgear.com/reference/enu/wireless/index.htm for more information on wireless channels. • Data Rate.
PAGE 38
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Wireless Network Name (SSID). The SSID is also known as the wireless network name. The SSID separates network traffic from different wireless networks. To connect any wireless device to a wireless network, you need to use the SSID. The WG302 default SSID is: NETGEAR-0 for the first profile, NETGEAR-1 for the second, and so on. You can enter a value of up to 32 alphanumeric characters.
PAGE 39
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • If you are using Access Point mode, then all options are available. In other modes such as Repeater or Bridge, some options may be unavailable. • Not all wireless adapters support WPA or WPA2. Windows XP and Windows 2000 with Service Pack 3 do include the client software that supports WPA. However, client software is required on the client.
PAGE 40
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Data Encryption Settings 128 bits WEP Standard WEP encryption, using 104/128 bit encryption. 152 bits WEP Proprietary mode that will only work with other wireless devices that support this mode. TKIP This is the standard encryption method used with WPA. AES This is the standard encryption method for WPA2. Some clients may support AES with WPA, but this is not supported by this Access Point.
PAGE 41
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Before You Change the SSID and WEP Settings For a new wireless network, print or copy this form and fill in the settings. For an existing wireless network, the person who set up or is responsible for the network can provide this information. Be sure to set the Regulatory Domain correctly as the first step. Store this information in a safe place.
PAGE 42
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Setting up and Testing Basic Wireless Connectivity Follow the instructions below to set up and test basic wireless connectivity. After this is done, then you can set up wireless security settings appropriate to your needs. 1. Connect to the WG302. In the address field of your Web browser, enter the default LAN address of http://192.168.1.128.
PAGE 43
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Configuring the Radius Server Settings Use the following steps to view or change the Radius Server Settings. 1. Connect to the WG302. In the address field of your Web browser, enter the default LAN address of http://192.168.1.128. Log in with the user name of admin and default password of password, or log in by using the LAN address and password that you configured. 2. In the Security menu, click Radius Server Settings. 3.
PAGE 44
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Update if any station disassociates. Select this option to refresh global key when any stations disassociated with wireless Access Point. • Accounting Radius Server Configuration. This configuration is required for accounting using Radius Server. IP Address, Port Number and Shared Secret is required for communication with Radius Server.
PAGE 45
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Note: You can use WEP with Open System or Shared Key. Choose the encryption strength, and then enter the Keys as explained in “Entering WEP Data Encryption Keys” on page 3-21 e. Click Apply to save your settings. Note: If you use a wireless computer to configure WEP settings, you will be disconnected when you click Apply.
PAGE 46
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Note: When configuring the WG302 from a wireless computer whose MAC address is not in the access control list, if you select Turn Access Control On, you will lose your wireless connection when you click Apply. You must then access the wireless access point from a wired computer or from a wireless computer which is on the access control list to make any further changes. 2.
PAGE 47
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 You can usually find the MAC address printed on the wireless adapter. Click Add to add the wireless device to the access list. Repeat these steps for each additional device you want to add to the list. 5. Be sure to click Apply to save your wireless access control list settings. Now, only devices on the MAC ACL will be allowed to wirelessly connect to the WG302. Basic Installation and Configuration 3-23 v0.
PAGE 48
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 3-24 Basic Installation and Configuration v0.
PAGE 49
Chapter 4 Management This chapter describes how to use the management features of your NETGEAR ProSafe 802.11g Wireless Access Point WG302. To get to these features, connect to the WG302 as described in “Logging in to the WG302 Using Its Default IP Address” on page 3-9. Remote Management Access the Remote Management screen by clicking Remote Management under Management on the main menu. Figure 4-1 Enter the Remote Management information.
PAGE 50
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Public Community Name: The community string to allow the SNMP manager to read the wireless access point's MIB objects. The default is public. • Private Community Name: The community string to allow the SNMP manager to read and write the wireless access point's MIB objects. The default is private. • IP address to Receive Traps: The IP address of the SNMP manager to receive traps sent from the wireless access point.
PAGE 51
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 3. Press the return key, and the screen below should appear. Figure 4-2 The login name is admin and password is the default password. After successful login, the screen should show the (Access Point Name)> prompt. In this example, the prompt is netgear74F35E. Enter help to display the CLI command help. CLI Commands The CLI commands are listed in Appendix C, “Command Line Reference.
PAGE 52
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • IP address to Receive Traps. Enter the IP address of the SNMP manager to receive traps sent from the wireless Access Point. If you don't want Traps to be sent, leave this at the default value of 0.0.0.0 3. Be sure to click Apply to save your changes. Viewing the Activity Log From the WG302 main menu, under the Information heading, click Activity Log. Figure 4-3 You can use a SysLog server to view the Activity Log.
PAGE 53
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Port: The port number configured in the SysLog server on your LAN. The default is 514 The Activity Log Window displays the Access Point system activity. You can click Refresh to update the display. To save the log contents into a file on your PC, click Save As and save the file to a disk drive. Viewing General Information The General information is a summary of the WG302 configuration settings.
PAGE 54
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Table 4-1. General Information Fields Field Description Access Point Information Access Point Name (NetBIOS name) The name of the access point, which you can configure. Country/Region The domain or region for which the wireless access point is licensed for use. It may not be legal to operate this wireless access point in a region other than one of those identified in this field.
PAGE 55
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Viewing Statistics The Statistics screen provides LAN and WLAN statistics. From the WG302 main menu, click Statistics under the Information heading to view the screen shown in Figure 4-5. Figure 4-5 Management 4-7 v0.
PAGE 56
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Viewing the Available Wireless Station List The Available Wireless Station List contains a table of all IP devices associated with the wireless access point for the Wired Network Name (SSID). From the WG302 main menu, under the Information heading, click Available Wireless Station List to view the list. The fields in the list are explained below. Figure 4-6 Table 4-2.
PAGE 57
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Note that if the wireless access point is rebooted, the table data is lost until the wireless access point rediscovers the devices. To force the wireless access point to look for associated devices, click the Refresh button. Note: A wireless network can include multiple wireless access points that use the same network name (SSID). This extends the reach of the wireless network.
PAGE 58
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 5. Click Upload. When the upload completes, your wireless access point automatically restarts. The upgrade process typically takes about one minute. In some cases, you may need to reconfigure the wireless access point after upgrading. Configuration File Management The WG302 Wireless Access Point settings are stored in the wireless access point in a configuration file.
PAGE 59
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 To restore your settings from a saved configuration file, enter the full path to the file on your computer or click the Browse button to locate the file. When you have located it, click the Restore button to upload the file. After completing the upload, the WG302 reboots automatically. Erasing the Configuration You can erase the wireless access point configurations and return to the factory default settings.
PAGE 60
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Changing the Administrator Password The default password is password. NETGEAR recommends that you change this password to a more secure password. You cannot change the administrator login name. From the WG302 main menu, click Change Password to go to the menu shown below. To change the password, first enter the old password, and then enter the new password twice. Click Apply to save your change. Figure 4-8 4-12 Management v0.
PAGE 61
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 AutoCell Rogue AP Detection The AutoCell feature provides added security. It can detect rogue APs and wireless stations and exclude them from connecting to the WG302 Wireless Access Point. From the WG302 main menu, click Rogue AP Detection to view this menu. • You can click Rescan to discover the APs. • Click Authorize to add any AP to the Authorized AP List. Click Delete to remove an AP from the list.
PAGE 62
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 AutoCell Rogue Station Detection The AutoCell feature provides added security. It can detect rogue APs and wireless stations and exclude them from connecting to the WG302 Wireless Access Point. From the WG302 main menu, click Rogue Station Detection to view this menu. • Click Rescan to discover the stations. • Click Authorize to add any station to the Authorized Station List. Click Delete to remove an station from the list.
PAGE 63
Chapter 5 Advanced Configuration This chapter describes how to configure the advanced features of your NETGEAR ProSafe 802.11g Wireless Access Point WG302. The following list describes the advanced features: • IP Settings: Use the AP as a DHCP server for wireless clients. • Wireless Settings: Set up AutoCell and configure advanced wireless LAN parameters. • Access Point Settings: Enable wireless bridging and repeating. • TBD: New features under the Advanced heading, like NAT and Load Balancing.
PAGE 64
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The following list provides information about how to configure DHCP settings. • Use AP as DHCP Server: You may turn on this option and the Access Point will function as a DHCP Server for Wireless Clients only. The Access Point will provide the pre-configured TCP/IP configurations for all wireless stations connected to this Access Point.
PAGE 65
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Configuring Advanced Wireless LAN Settings This section describes the advanced wireless settings menu, which enables configuration of the following features: • AutoCell RF management • Wi-Fi multimedia (WMM) setup • Hotspot settings • Advanced wireless parameters AutoCell Overview AutoCell provides advanced RF wireless management features that improve performance and enhance security. Table 5-1.
PAGE 66
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 AutoCell AP/Client Interaction AutoCell’s self-organizing micro cells provide performance benefits and an additional level of privacy for enterprises. • Automatic Transmit Power Control. An AP with AutoCell enabled coordinates the RF transmit power level of AutoCell-enabled clients. This creates client micro-cells and reduces co-channel interference with other clients and APs on the same frequency.
PAGE 67
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 AutoCell Configuration Options There are three AutoCell configuration setting choices: • Auto RF Management: Enabled by default. • Enhanced RF Security: Disabled by default. • Rogue Device Detection: Disabled by default. These options are discussed below. Figure 5-3 Auto RF Management Note: Channel selection and power management is automatically adjusted by the AutoCell Auto RF Management option.
PAGE 68
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Wi-Fi Multimedia (WMM) Setup WMM is a subset of the 802.11e standard. WMM allows wireless traffic to have a range of priorities, depending on the kind of data. Time-dependent information, such as video or audio, will have a higher priority than normal traffic. For WMM to function correctly, wireless clients must also support WMM. WMM Support: Select Yes or No as required on the Advanced Wireless Settings menu. The default is No.
PAGE 69
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Configuring Wireless LAN Parameters The default advanced wireless LAN parameter settings usually work well. If you want the AP to operate in Super-G mode, use this feature. Figure 5-5 Table 5-1 describes the advanced wireless parameters. Table 5-1. Advanced Wireless LAN Settings Fields Field Description Enable SuperG Mode Click Enable to enable SuperG Mode.
PAGE 70
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Wireless Bridging and Repeating The WG302 Wireless Access Point lets you build large bridged wireless networks. Note: All bridge mode options are not available when AutoCell Auto RF Management is enabled (the default setting). Examples of wireless bridged configurations are: • Point-to-Point Bridge. The WG302 communicates with another bridge-mode wireless station. See “Point-to-Point Bridge Configuration” on page 5-10.
PAGE 71
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Repeater with Wireless Client Association. Sends all traffic to the remote AP. See “Repeater with Wireless Client Association” on page 5-12. These configurations can be set up from the Advanced Access Point Settings menu, shown to the right. Figure 5-6 Advanced Configuration 5-9 v0.
PAGE 72
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Point-to-Point Bridge Configuration In Point-to-Point Bridge mode, the WG302 communicates with another bridge-mode wireless station. In addition, you can enable client associations with this WG302. You must enter the MAC address of the other bridge-mode wireless station in the field provided. Use WEP to protect this communication. The figure below shows an example of Point-to-Point Bridge mode.
PAGE 73
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Multi-Point Bridge Configuration Set up a Multi-Point Bridge only if this WG102 is the “master” for a group of bridge-mode wireless stations. Then all traffic is sent to this “master,” rather than to the other access points. In addition, you can enable client associations with this WG302. • You must enter the MAC addresses of the other access points in the fields provided.
PAGE 74
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Configure the WG302 (AP3) on LAN 3 in Point-to-Point Bridge mode with the Remote MAC Address of AP1. 2. Verify the following for all access points: • The LAN network configuration of the WG302 Wireless Access Points are configured to operate in the same LAN network address range as the LAN devices • Only one AP is configured in Point-to-Multi-Point Bridge mode, and all the others are in Point-to-Point Bridge mode.
PAGE 75
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • You cannot configure a sequence of parent/child APs. You are limited to only one parent/child AP pair. The figure below shows an example of a Repeater Mode configuration. AP 1 Parent AP in Repeater Mode Wireless PC Associated with AP 1 Wireless PC Associated with AP 2 AP 2 Router Child AP in Repeater Mode Internet 192.168.0.
PAGE 76
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • All WG302 Wireless Access Points use the same SSID, Channel, authentication mode, if any, and encryption in use. 3. Verify connectivity across the LANs. A computer on any LAN segment should be able to connect to the Internet or share files and printers with any other PCs or servers connected to any of the three WLAN segments. Note: You can extend this repeating by adding up to two more WG302s configured in repeater mode.
PAGE 77
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 QoS on the access point leverages existing information in the IP packet header related to Type of Service (ToS). The access point examines the ToS field in the headers of all packets that pass through the AP. Based on the value in a packet’s ToS field, the AP prioritizes the packet for transmission by assigning it to one of the queues. A different type of data is associated with each queue.
PAGE 78
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 5-16 Advanced Configuration v0.
PAGE 79
Chapter 6 Troubleshooting This chapter provides information about troubleshooting your NETGEAR ProSafe 802.11g Wireless Access Point WG302. After each problem description, instructions are given to help you diagnose and solve the problem. For the common problems listed, go to the section indicated. • Is the WG302 on? • Have I connected the wireless access point correctly? Go to“Installing the WG302 Wireless Access Point” on page 3-5.
PAGE 80
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The Wireless LAN activity light does not light up. The access point’s antennae are not working. • If the Wireless LAN activity light stays off, disconnect the adapter from its power source and then plug it in again. • Make sure the antennas are tightly connected to the WG302. • Contact NETGEAR technical support if the Wireless LAN activity light remains off. The LAN light is not lit. There is a hardware connection problem.
PAGE 81
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 I cannot connect to the WG302 to configure it. Check these items: • The WG302 is properly installed, LAN connections are OK, and it is powered on. Check that the LAN port LED is on (amber indicating a 10 Mbps Ethernet connection or green indicating a 100 Mbps Ethernet connection) to verify that the Ethernet connection is OK. • The default configuration of the WG302 is for a static IP address of 192.168.1.128 and a Mask of 255.
PAGE 82
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Using the Reset Button to Restore Factory Default Settings The Reset button (see “Rear Panel” on page 2-8) has two functions: • Reboot. When pressed and released quickly, the WG302 will reboot (restart). • Reset to Factory Defaults. This button can also be used to clear ALL data and restore ALL settings to the factory default values. To clear all data and restore the factory default values: 1.
PAGE 83
Appendix A Specifications Parameter NETGEAR ProSafe 802.11g Wireless Access Point WG302 Network Management Web-based configuration and status monitoring Maximum Clients Limited by the amount of wireless network traffic generated by each node; typically 30 to 70 nodes.
PAGE 84
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 A-2 Specifications v0.
PAGE 85
Appendix B Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The WG302 Wireless Access Point conforms to the Institute of Electrical and Electronics Engineers (IEEE) 802.11b and 802.11g standards for wireless LANs (WLANs). On an 802.11b or g wireless link, data is encoded using direct-sequence spread-spectrum (DSSS) technology and is transmitted in the unlicensed radio spectrum at 2.5GHz. The maximum data rate for the 802.
PAGE 86
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Ad Hoc Mode (Peer-to-Peer Workgroup) In an ad hoc network, computers are brought together as needed; thus, there is no structure or fixed points to the network - each node can generally communicate with any other node. There is no Access Point involved in this configuration.
PAGE 87
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Wired Equivalent Privacy (WEP) data encryption is used when the wireless devices are configured to operate in Shared Key authentication mode. 802.11 Authentication The 802.11 standard defines several services that govern how two 802.11 devices communicate. The following events must occur before an 802.11 Station can communicate with an Ethernet network through an access point, such as the one built in to the WG302: 1.
PAGE 88
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 This process is illustrated below. 802.11b Authentication Open System Steps 1) Authentication request sent to AP Access Point 2) AP authenticates Internet Client attempting to connect 100 Mbps 3) Client connects to network Servers 10 Mbps Cable or DSL Modem PCs Figure 6-1 Shared Key Authentication The following steps occur when two devices use Shared Key Authentication: 1.
PAGE 89
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 This process is illustrated below. 802.11b Authentication Shared Key Steps 1) Authentication request sent to AP Access Point 2) AP sends challenge text Client attempting to connect 3) Client encrypts challenge text and sends it back to AP 4) AP decrypts, and if correct, authenticates client Internet 100 Mbps Servers 10 Mbps Cable or DSL Modem PCs Figure 6-2 Overview of WEP Parameters Before enabling WEP on an 802.
PAGE 90
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Key Size The IEEE 802.11 standard supports two types of WEP encryption: 40-bit and 128-bit. The 64-bit WEP data encryption method allows for a five-character (40-bit) input. Additionally, 24 factory-set bits are added to the forty-bit input to generate a 64-bit encryption key. The 24 factory-set bits are not user-configurable). This encryption key will be used to encrypt/decrypt all data transmitted via the wireless interface.
PAGE 91
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Note: Whatever keys you enter for an AP, you must also enter the same keys for the client adapter in the same order. In other words, WEP key 1 on the AP must match WEP key 1 on the client adapter, WEP key 2 on the AP must match WEP key 2 on the client adapter, and so on. Note: The AP and the client adapters can have different default WEP Keys as long as the keys are in the same order.
PAGE 92
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Table 8-2. 802.11b/g Radio Frequency Channels Channel Center Frequency Frequency Spread 10 2457 MHz 2444.5 MHz - 2469.5 MHz 11 2462 MHz 2449.5 MHz - 2474.5 MHz 12 2467 MHz 2454.5 MHz - 2479.5 MHz 13 2472 MHz 2459.5 MHz - 2484.5 MHz Note: The available channels supported by the wireless products in various countries are different. For example, Channels 1 to 11 are supported in the U.S.
PAGE 93
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The Wi-Fi Alliance is now performing interoperability certification testing on Wi-Fi Protected Access products. Starting August of 2003, all new Wi-Fi certified products have to support WPA. NETGEAR is implementing WPA and WPA2 on client and access point products. The 802.11i standard was ratified in 2004. How Does WPA Compare to WEP? WEP is a data encryption method and is not intended as a user authentication mechanism.
PAGE 94
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • – Michael message integrity code (MIC) – AES support (WPA2, requires hardware support) Support for a mixture of WPA, WPA2, and WEP wireless clients to allow a migration strategy, but mixing WEP and WPA/WPA2 is discouraged These features are discussed below. WPA/WPA2 addresses most of the known WEP vulnerabilities and is primarily intended for wireless infrastructure networks as found in the enterprise.
PAGE 95
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Key management. WPA/WPA2 features a robust key generation/management system that integrates the authentication and data privacy functions. Keys are generated after successful authentication and through a subsequent 4-way handshake between the station and Access Point (AP). • Data Privacy (Encryption).
PAGE 96
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 It is important to note that 802.1x does not provide the actual authentication mechanisms. When using 802.1x, the EAP type, such as Transport Layer Security (EAP-TLS), or EAP Tunneled Transport Layer Security (EAP-TTLS), defines how the authentication takes place. Note: For environments with a Remote Authentication Dial-In User Service (RADIUS) infrastructure, WPA supports Extensible Authentication Protocol (EAP).
PAGE 97
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The AP sends Beacon Frames with WPA/WPA2 information element to the stations in the service set. Information elements include the required authentication method (802.1x or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES). Probe Responses (AP to station) and Association Requests (station to AP) also contain WPA information elements. 1. Initial 802.
PAGE 98
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 If configured to implement dynamic key exchange, the 802.1x authentication server can return session keys to the access point along with the accept message. The access point uses the session keys to build, sign and encrypt an EAP key message that is sent to the client immediately after sending the success message. The client can then use contents of the key message to define applicable encryption keys. In typical 802.
PAGE 99
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Is WPA/WPA2 Perfect? WPA/WPA2 is not without its vulnerabilities. Specifically, it is susceptible to denial of service (DoS) attacks. If the access point receives two data packets that fail the message integrity code (MIC) within 60 seconds of each other, then the network is under an active attack, and as a result, the access point employs counter measures, which include disassociating each station using the access point.
PAGE 100
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • • • • • The new WPA/WPA2 information element To advertise their support of WPA/WPA2, wireless APs send the beacon frame with a new 802.11 WPA/WPA2 information element that contains the wireless AP's security configuration (encryption algorithms and wireless security configuration information). The WPA/WPA2 two-phase authentication Open system, then 802.1x (EAP with RADIUS or preshared key).
PAGE 101
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Changes to Wireless Client Programs Wireless client programs must be updated to permit the configuration of WPA/WPA2 authentication (and preshared key) and the new WPA/WPA2 encryption algorithms (TKIP and AES). To obtain the Microsoft WPA client program, visit the Microsoft Web site. Note: The Microsoft WPA2 client is still in beta. Wireless Networking Basics B-17 v0.
PAGE 102
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 B-18 Wireless Networking Basics v0.
PAGE 103
Appendix C Command Line Reference In addition to the Web based user interface, the NETGEAR ProSafe 802.11g Wireless Access Point WG302 includes a command line interface (CLI) for administering the access point. The CLI lets you view and modify status and configuration information.
PAGE 104
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The following table shows a feature-by-feature comparison of which settings can be configured through the CLI or the Web UI, and which are configurable with either. Table 8-1.
PAGE 105
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Table 8-1. Configurable from Web UI Feature or Setting Configurable from CLI Reboot the AP yes Reset the AP to Factory Defaults yes Upgrade the Firmware You cannot upgrade the yes firmware from the CLI. Please use the Web UI to configure this feature. Backup and Restore You cannot backup or restore an AP configuration from the CLI.
PAGE 106
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 get The “get” command allows you to get the property values of existing instances of a class. Classes can be “named” or “unnamed”. The command syntax is: get unnamed-class [property... | detail] get named-class [instance | all [property... | name | detail]] The rest of the command line is optional. If provided, it is either a list of one or more properties, or the keyword detail.
PAGE 107
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 set The “set” command allows you to set the property values of existing instances of a class. set unnamed-class [with qualifier-property qualifier-value... to] property value... The first argument is an unnamed class in the configuration. After this is an optional qualifier that restricts the set to only some instances. For singleton classes (with only one instance) no qualifier is needed.
PAGE 108
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 remove The “remove” command allows you to remove an existing instance of a class. remove unnamed-class [property value...] remove named-class instance | all [property value...] For example: remove radius-user wally The CLI also includes the following commands for maintenance tasks: save-running The save-running command saves the running configuration as the startup configuration.
PAGE 109
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 config Configuration settings detected-ap Detected access point dhcp-client DHCP client settings dot11 IEEE 802.
PAGE 110
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Keyboard Shortcuts and Tab Completion Help The CLI provides keyboard shortcuts to help you navigate the command line and build valid commands, along with “tab completion” hints on available commands that match what you have typed so far. Table 8-2.describes the keyboard shortcuts available from the CLI. Table 8-2.
PAGE 111
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 CLI Command Sets This section lists the CLI commands available from the WG302 Wireless Access Point command line. TBD Command Line Reference C-9 v0.
PAGE 112
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 C-10 Command Line Reference v0.