User Manual
Table Of Contents
- Contents
- 1. Hardware Overview
- 2. Install the Access Point in Your Network and Access It for Initial Configuration
- Position your access point
- Set up and connect the access point to your network
- Connect to the access point for initial configuration
- Connect over WiFi using the NETGEAR Insight App
- Connect over the Internet using the NETGEAR Insight Cloud portal
- Connect over WiFi using a WiFi-enabled computer or mobile device
- Connect over Ethernet using a computer connected to the same network
- Connect over Ethernet using a directly connected computer
- Log in to the access point after initial setup
- Dismiss a browser security warning
- 3. Install the Access Point in an Insight Instant Mesh WiFi Network
- What are a root access point and an extender access point?
- What is an Insight Instant Mesh WiFi network?
- Requirements for placing an extender access point in a mesh WiFi network
- Install the NETGEAR Insight app
- Connect the access point as an extender to a root access point
- Connect over the Internet using the NETGEAR Insight Cloud portal
- 4. Manage the Basic WiFi and Radio Features
- Set up and manage WiFi networks
- Set up an open or secure WiFi network
- View or change the settings of a WiFi network
- Disable or enable a WiFi network or set up a WiFi activity schedule
- Remove a WiFi network
- Enable or disable client isolation for a WiFi network
- Hide or broadcast the SSID for a WiFi network
- Enable or disable band steering with 802.11k RRM and 802.11v WiFi network management
- Change the VLAN ID for a WiFi network
- Enable or disable PMF for a WiFi network
- Enable or disable URL tracking for a WiFi network
- Change the format of the DHCP offer messages in a WiFi network
- Select a MAC ACL for a WiFi network
- Set bandwidth rate limits for a WiFi network
- Set up and manage captive portals for WiFi networks
- Manage the basic radio features
- Set up and manage WiFi networks
- 5. Manage the Advanced WiFi and Radio Features
- Configure advanced rate selection for a WiFi network
- Manage the advanced radio features
- Manage the advanced WiFi settings for the radios
- Manage the maximum number of clients for a radio
- Manage the broadcast and multicast settings for a radio
- Manage sticky clients
- Manage load balancing for the radios
- Manage Airtime Fairness for the radios
- Manage the ARP proxy
- Manage the amount of broadcast traffic
- Set a data volume limit for the access point
- Enable the WiFi Traffic Analyzer
- Set up a WiFi bridge between access points
- 6. Manage Access and Security
- 7. Manage the Local Area Network and IP Settings
- Disable the DHCP client and specify a fixed IP address
- Enable the DHCP client
- Set the 802.1Q VLAN and management VLAN
- Specify an existing domain name
- Manage port VLANs
- Enable or disable Spanning Tree Protocol
- Enable or disable the network integrity check function
- Enable or disable IGMP snooping
- Enable or disable Ethernet LLDP
- Enable or disable UPnP
- Enable link aggregation for the LAN 2 port
- Disable link aggregation for the LAN 2 port
- 8. Manage and Maintain the Access Point
- Change the management mode to NETGEAR Insight or Web-browser
- Change the country or region of operation
- Change the admin user account password
- Change the system name
- Specify a custom NTP server
- Set the time zone
- Manage the syslog settings
- Manage the firmware of the access point
- Manage the configuration file of the access point
- Reboot the access point from the local browser interface
- Schedule the access point to reboot
- Return the access point to its factory default settings
- Enable SNMP and manage the SNMP settings
- Manage the LEDs
- 9. Monitor the Access Point and the Network
- View the access point Internet, IP, and system settings
- View the WiFi radio settings
- View unknown and known neighbor access points
- View client distribution, connected clients, and client trends
- View WiFi and Ethernet traffic, traffic and ARP statistics, and channel utilization
- View or download tracked URLs
- View, save, download, or clear the logs
- View a WiFi bridge connection
- View the data volume consumption
- View Air Time Fairness client distribution
- View the traffic analysis results
- View alarms and notifications
- 10. Diagnostics and Troubleshooting
- Capture WiFi and Ethernet packets
- Perform a ping test
- Check the Internet speed
- Quick tips for troubleshooting
- Troubleshoot with the LEDs
- Power/Cloud LED is off
- Power/Cloud LED remains solid amber
- Power/Cloud LED is blinking amber slowly, continuously
- The access point functions as a PoE PD and the Power/Cloud LED remains solid amber
- Power/Cloud LED does not light blue in the NETGEAR Insight management mode
- The Power/Cloud LED does not stop blinking red, green, and blue
- 2.4, 5H, or 5L WLAN LED Is Off
- A LAN LED is off while a switch or LAN device is connected
- The extender access point and root access point cannot connect
- Troubleshoot the WiFi connectivity
- Troubleshoot Internet browsing
- You cannot log in to the access point over a LAN connection
- Changes are not saved
- You enter the wrong password and can no longer log in to the access point
- Troubleshoot your network using the ping utility
- A. Factory Default Settings and Technical Specifications
WPA3 provides a secure connection but some legacy WiFi devices do not detect
WPA3 and support only WPA2. If your network also includes WPA2 devices,
select WPA3/WPA2 Personal authentication.
In the Passphrase field, enter a phrase of 8 to 63 characters. To join the VAP, a
user must enter this passphrase. To view the passphrase in clear text, click the
eye icon.
•
WPA3/WPA2 Personal: This option, which is the same as WPA3/WPA2-PSK,
enables WiFi devices that support either WPA3 or WPA2 to join the VAP. This
option uses SAE and AES encryption.
WPA2-PSK (which uses AES) is less secure than WPA3 (which uses SAE).
In the Passphrase field, enter a phrase of 8 to 63 characters. To join the VAP, a
user must enter this passphrase. To view the passphrase in clear text, click the
eye icon.
•
WPA3 Enterprise: This enterprise-level security uses RADIUS for centralized
Authentication, Authorization, and Accounting (AAA) management. For WPA3
Enterprise security to function, you must set up RADIUS servers (see Set up RADIUS
servers on page 149). If you select this option, 802.11w (PMF) is automatically set
to mandatory (see Step 9).
When you select WPA3 Enterprise security, the encryption is automatically set to
GCMP256, which is a 256-bit encryption protocol.
When you select WPA3 Enterprise authentication, the Dynamic VLAN radio
buttons display:
-
Enable: The RADIUS server can assign a VLAN ID to clients. If the RADIUS
server does not do so, the clients are automatically assigned the VLAN ID that
you configured for the SSID.
-
Disable: The clients are assigned the VLAN ID that you configured for the
SSID. This is the default setting.
User Manual57Manage the Basic WiFi and
Radio Features
Insight Managed Smart Cloud Wireless Access Point AC3000 WAC540 User Manual