User's Manual

ManualsBrandsNetgear ManualsSwitchNetgear ProSafe WFS709TP Smart Wireless Controller WFS709TP-100NAS

151

152

153

154

155

156

157

158

159

160

Table Of Contents

WFS709TP ProSafe Smart Wireless Switch Software Administration Manual
Contents
About This Manual
- Conventions, Formats, and Scope
- How to Use This Manual
- How to Print this Manual
- Revision History
Chapter 1 Overview of the WFS709TP
- WFS709TP System Components
- Basic WLAN Configuration
- Wireless Client Access to the WLAN
- Configuring and Managing the WFS709TP
  - Tools
Chapter 2 Deploying a Basic WFS709TP System
- Configuration Overview
- Configuring the WFS709TP
- Deploying APs
- Additional Configuration
Chapter 3 Configuring Network Parameters
- Configuring VLANs
  - Assigning a Static Address to a VLAN
  - Configuring a VLAN to Receive a Dynamic Address
- Configuring Static Routes
- Configuring the Loopback IP Address
Chapter 4 RF Plan
- RF Plan Overview
- Before You Begin
  - Task Overview
  - Planning Requirements
- Using RF Plan
- RF Plan Example
Chapter 5 Configuring WLANS
- Before You Begin
  - Determine the Authentication Method
  - Determine the Default VLAN
- Basic WLAN Configuration in the Browser Interface
  - Example Configuration
- Advanced WLAN Configuration in the Browser Interface
- IntelliFi RF Management
Chapter 6 Configuring AAA Servers
- Configuring an External RADIUS Server
- Adding Users to the Internal Database
- Configuring Authentication Timers
Chapter 7 Configuring 802.1x Authentication
- 802.1x Authentication
  - Authentication with a RADIUS Server
  - Authentication Terminated on WFS709TP
- Configuring 802.1x Authentication
  - 802.1x Authentication Page
- Advanced Configuration Options for 802.1x
Chapter 8 Configuring the Captive Portal
- Overview of Captive Portal Functions
- Configuring Captive Portal
- Configuring Advanced Captive Portal Options
- Configuring the AAA Server for Captive Portal
  - Changing the Protocol to HTTP
- Personalizing the Captive Portal Page
Chapter 9 Configuring MAC-Based Authentication
- Configuring the WFS709TP
- Configuring Users
Chapter 10 Adding Local WFS709TPs
- Moving to a Multi-Switch Environment
- Configuring Local WFS709TPs
Chapter 11 Configuring Redundancy
- Virtual Router Redundancy Protocol
- Redundancy Configuration
Chapter 12 Configuring Wireless Intrusion Protection
- Rogue/Interfering AP Detection
- Misconfigured AP Detection
  - Configuring Misconfigured AP Protection
Chapter 13 Configuring Management Utilities
- Configuring Management Users
- Configuring SNMP
- Creating Guest Accounts
- Managing Files on the WFS709TP
- Installing a Server Certificate
Chapter 14 Configuring WFS709TP for Voice
- Voice over IP Proxy ARP
- Battery Boost
- Limiting the Number of Active Voice Calls
- WPA Fast Handover
Appendix A Configuring DHCP with Vendor-Specific Options
- Overview
- Windows-Based DHCP Servers
  - Configuring Option 60
  - Configuring Option 43
- Linux DHCP Servers
Appendix B Windows Client Example Configuration for 802.1x
- Window XP Wireless Client Example Configuration
Appendix C Internal Captive Portal
- Creating a New Internal Web Page
  - Basic HTML Example
- Installing a New Captive Portal Page
- Displaying Authentication Error Message
- Language Customization
- Customizing the Welcome Page
- Customizing the Pop-Up Box
- Customizing the Logged Out Box
Appendix D Related Documents
Index

WFS709TP ProSafe Smart Wireless Switch Software Administration Manual

Configuring Wireless Intrusion Protection 12-3

v1.0, June 2007

• Valid AP. An AP that is part of the enterprise providing WLAN service. APs that successfully

connect to the WFS709TP and load software and configuration should be classified as valid

APs.

• Interfering AP or Known Interfering AP. An AP that is seen in the RF environment but is

not connected to the wired network. An interfering AP is not considered a direct security threat

since it is not connected to the wired network.

• Unsecure AP. An rogue AP that is part of the network. A rogue AP is an unauthorized AP that

is plugged into the wired side of the network.

• DoS AP. An AP on which denial of service is enabled.

To manually classify an AP:

Navigate to the Reports > AP Reports> All Interfering APs page on the master WFS709TP

(Figure 12-2).

4. Select the checkboxes for the APs you want to classify.

5. Click the appropriate “Set as” button on the page.

6. Click Apply.

Note: Any client that successfully authenticates with a valid AP and passes encrypted

traffic is classified as a valid client. (Encrypted traffic includes encrypted

802.11 frames and unencrypted 802.11 frames that are VPN encrypted.)

Figure 12-2