ZyAIR G-1000 Wireless 54 Mbps Access Point User's Guide Version 3.
ZyAIR G-1000 Access Point User’s Guide Copyright Copyright © 2003 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
ZyAIR G-1000 Access Point User’s Guide Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations. This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules.
ZyAIR G-1000 Access Point User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase.
ZyAIR G-1000 Access Point User’s Guide Customer Support Please have the following information ready when you contact customer support. • • • • Product model and serial number. Warranty Information. Date that you received your device. Brief description of the problem and the steps you took to solve it. METHOD E-MAIL SUPPORT/SALES TELEPHONE/FAX WEB SITE/ FTP SITE REGULAR MAIL LOCATION WORLDWIDE support@zyxel.com.tw +886-3-578-3942 www.zyxel.com www.europe.zyxel.com NORTH AMERICA sales@zyxel.com.
ZyAIR G-1000 Access Point User’s Guide Table of Contents Copyright .........................................................................................................................................................ii Federal Communications Commission (FCC) Interference Statement .....................................................iii ZyXEL Limited Warranty.............................................................................................................................iv Customer Support..
ZyAIR G-1000 Access Point User’s Guide 5.1.3 ESS ....................................................................................................................................5-2 5.2 Wireless LAN Basics.................................................................................................................5-3 5.2.1 RTS/CTS............................................................................................................................5-3 5.2.2 Fragmentation Threshold ................
ZyAIR G-1000 Access Point User’s Guide 9.5.1 Backup Configuration ........................................................................................................9-7 9.5.2 Restore Configuration ........................................................................................................9-8 9.5.3 Back to Factory Defaults..................................................................................................9-10 SMT CONFIGURATION....................................................
ZyAIR G-1000 Access Point User’s Guide 17.1 Filename Conventions .............................................................................................................17-1 17.2 Backup Configuration..............................................................................................................17-2 17.2.1 Backup Configuration Using FTP....................................................................................17-2 17.2.2 Using the FTP command from the DOS Prompt ..................
ZyAIR G-1000 Access Point User’s Guide Appendix K Log Descriptions ................................................................................................................... K-1 Appendix L Power Adaptor Specifications ...............................................................................................L-1 Appendix M Index .....................................................................................................................................
ZyAIR G-1000 Access Point User’s Guide List of Figures Figure 1-1 Internet Access Application...........................................................................................................1-4 Figure 1-2 Corporation Network Application.................................................................................................1-4 Figure 2-1 ZyAIR Front Panel........................................................................................................................
ZyAIR G-1000 Access Point User’s Guide Figure 9-13 Back to Factory Default............................................................................................................ 9-10 Figure 9-14 Reset Warning Message.............................................................................................................9-11 Figure 10-1 Login Screen ............................................................................................................................ 10-1 Figure 10-2 Menu 23.
ZyAIR G-1000 Access Point User’s Guide Figure 19-1 Telnet Configuration on a TCP/IP Network ..............................................................................19-1 Figure 19-2 Menu 24.11 Remote Management Control ...............................................................................
ZyAIR G-1000 Access Point User’s Guide List of Tables Table 2-1 Front Panel LED Description......................................................................................................... 2-2 Table 2-2 ZyAIR G-1000 Wireless LAN Coverage ....................................................................................... 2-4 Table 4-1 System General Setup .................................................................................................................... 4-2 Table 4-2 Password ..
ZyAIR G-1000 Access Point User’s Guide Table 17-3 General Commands for Third Party TFTP Clients .....................................................................17-5 Table 18-1 Menu 24.10 System Maintenance: Time and Date Setting .........................................................18-2 Table 19-1 Menu 24.11 Remote Management Control.................................................................................
ZyAIR G-1000 Access Point User’s Guide Preface Congratulations on your purchase of the ZyAIR G-1000. ZyAIR G-1000 is an IEEE802.11g-compliant 54 Mbps Ethernet wireless LAN Access Point (AP). It is suited for wireless connection to the wired network in the home and small office environment allowing users to enjoy the convenience of wireless LAN access. An AP acts as a bridge between the wireless and wired networks, extending your existing wired network without any additional wiring.
ZyAIR G-1000 Access Point User’s Guide • Mouse action sequences are denoted using a comma. For example, “click the Apple icon, Control Panels and then Modem” means first click the Apple icon, then point your mouse pointer to Control Panels and then click Modem. • For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for “that is” or “in other words” throughout this manual.
Getting Started Part I: GETTING STARTED This part introduces the main features and applications of ZyAIR, hardware installation and setup and shows how to access the web configurator.
ZyAIR G-1000 Access Point User’s Guide Chapter 1 Getting to Know Your ZyAIR This chapter introduces the main features and applications of the ZyAIR. 1.1 Introducing the ZyAIR G-1000 Access Point The ZyAIR G-1000 Access Point extends the range of your existing wired network without any additional wiring efforts, providing easy network access to mobile users. The ZyAIR incorporates the IEEE 802.11g standard for high-speed (up to 54 Mbps) wireless transmission.
ZyAIR G-1000 Access Point User’s Guide ZyAIR LED The blue ZyAIR LED (also known as the Breathing LED) is on (dimmed) when the ZyAIR is on and blinks brightly when data is being transmitted to/from its wireless stations. You may use the web configurator to turn this LED off even when the ZyAIR is on and data is being transmitted/received. 802.11g Wireless LAN Standard ZyAIR products containing the letter “G” in the model name, such as ZyAIR G-1000, ZyAIR G-2000, support the 802.11g wireless standard. 802.
ZyAIR G-1000 Access Point User’s Guide SNMP SNMP (Simple Network Management Protocol) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your ZyAIR supports SNMP agent functionality, which allows a manger station to manage and monitor the ZyAIR through the network. The ZyAIR supports SNMP version one (SNMPv1) and version two c (SNMPv2c).
ZyAIR G-1000 Access Point User’s Guide Figure 1-1 Internet Access Application 1.3.2 Corporation Network Application In situations where users are always on the move in the coverage area but still need access to corporate network access, the ZyAIR is an ideal solution for wireless stations to connect to the corporate network without expensive network cabling. The following figure depicts a typical application of the ZyAIR in an enterprise environment.
ZyAIR G-1000 Access Point User’s Guide Chapter 2 Hardware Installation and Initial Setup This chapter describes the physical features of the ZyAIR and how to make cable connections. 2.1 Front Panel of the ZyAIR The LEDs on the front panel indicate the operational status of your ZyAIR.
ZyAIR G-1000 Access Point User’s Guide Table 2-1 Front Panel LED Description LED Link COLOR STATUS Red Blinking The ZyAIR is not ready or rebooting. Off The ZyAIR is working properly. Breathing The ZyAIR is sending/receiving data. On (dim) The ZyAIR is ready, but is not sending/receiving data. On The ZyAIR has a successful 10Mb Ethernet connection. Blinking The ZyAIR is sending/receiving data. Off The ZyAIR does not have 10Mb Ethernet connection.
ZyAIR G-1000 Access Point User’s Guide 2.2.1 One 10/100M Ethernet Port Ethernet 10Base-T/100Base-T networks use Shielded Twisted Pair (STP) cable with RJ-45 connectors that look like a bigger telephone plug with 8 pins. The ETHERNET port is auto-sensing, so you may use the crossover cable provided or a straight-through Ethernet cable to connect your ZyAIR to a computer/external hub. When the ZyAIR is turned on and properly connected to a computer or a hub, the ETHN LED on the front panel turns on. 2.2.
ZyAIR G-1000 Access Point User’s Guide Table 2-2 ZyAIR G-1000 Wireless LAN Coverage ≤11 Mbps ≤ 5.5 Mbps or lower Indoor 50 m 80 m Outdoor 200 m 300 m Refer to the Quick Installation Guide for instructions to attach the antennas to the ZyAIR. 2.3 Hardware Mounting Options The ZyAIR may be placed on a flat surface or wall mounted. In general, the best place for the access point is at the center of your intended wireless coverage area.
ZyAIR G-1000 Access Point User’s Guide Chapter 3 Introducing the Web Configurator This chapter describes how to access the ZyAIR web configurator and provides an overview of its screens. The default IP address of the ZyAIR is 192.168.1.2. 3.1 Accessing the ZyAIR Web Configurator Step 1. Make sure your ZyAIR hardware is properly connected. Step 2. Prepare your computer/computer network to connect to the ZyAIR (refer to the Quick Installation Guide. Step 3. Launch your web browser. Step 4.
ZyAIR G-1000 Access Point User’s Guide The ZyAIR automatically times out after five minutes of inactivity. Simply log back into the ZyAIR if this happens to you. 3.2 Resetting the ZyAIR If you forget your password or cannot access the ZyAIR, you will need to reload the factory-default configuration file or use the RESET button on the top panel of the ZyAIR. Uploading this configuration file replaces the current configuration file with the factory-default configuration file.
ZyAIR G-1000 Access Point User’s Guide Click WIZARD SETUP for initial configuration including general setup, Wireless LAN setup and IP address assignment. Refer to the Quick Installation Guide for information. Click LOGOUT at any time to exit the web configurator. Click ADVANCED to configure advanced features such as SYSTEM (General, Password and Time settings), WIRELESS LAN (Wireless, MAC Filter, Roaming, 802.1x, Local User Database and RADIUS), IP, and Logs (View reports and Log Settings).
System and Wireless LAN Part II: SYSTEM AND WIRELESS LAN This part covers the System and Wireless LAN screens.
ZyAIR G-1000 Access Point User’s Guide Chapter 4 System Screens This chapter provides information on the System screens. 4.1 System Overview This section provides information on general system setup. 4.2 Configuring General Setup Click ADVANCED and then SYSTEM to open the General screen. Figure 4-1 System General Setup The following table describes the labels in this screen.
ZyAIR G-1000 Access Point User’s Guide Table 4-1 System General Setup LABEL DESCRIPTION System Name Type a descriptive name to identify the ZyAIR in the Ethernet network. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes "-" and underscores "_" are accepted. Domain Name This is not a required field. Leave this field blank or enter the domain name here if you know it.
ZyAIR G-1000 Access Point User’s Guide If you forget your password (or the ZyAIR IP address), you will need to reset the ZyAIR. See the Resetting the ZyAIR section in for details. Figure 4-2 Password The following table describes the labels in this screen. Table 4-2 Password LABEL DESCRIPTION Old Password Type in your existing system password (1234 is the default password). New Password Type your new system password (up to 31 characters).
ZyAIR G-1000 Access Point User’s Guide Figure 4-3 Time Setting The following table describes the labels in this screen. Table 4-3 Time/Date LABEL Time Protocol 4-4 DESCRIPTION Select the time protocol that your time server sends when you turn on the ZyAIR. Not all time servers support all protocols, so you may have to check with your ISP/network administrator or use trial and error to find a protocol that works. The main difference between them is the format.
ZyAIR G-1000 Access Point User’s Guide Table 4-3 Time/Date LABEL DESCRIPTION Time Server Address Enter the IP address of your time server. Check with your ISP/network administrator if you are unsure of this information (the default is tick.stdtime.gov.tw). Current Time (hh:mm:ss) This field displays the time of your ZyAIR. Each time you reload this page, the ZyAIR synchronizes the time with the time server. New Time (hh:mm:ss) This field displays the last updated time from the time server.
ZyAIR G-1000 Access Point User’s Guide Chapter 5 Wireless Configuration and Roaming This chapter discusses how to configure Wireless and Roaming screens on the ZyAIR.. 5.1 Wireless LAN Overview This section introduces the wireless LAN (WLAN) and some basic scenarios. 5.1.1 IBSS An Independent Basic Service Set (IBSS), also called an Ad-hoc network, is the simplest WLAN configuration.
ZyAIR G-1000 Access Point User’s Guide Figure 5-2 Basic Service set 5.1.3 ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless stations within the same ESS must have the same ESSID in order to communicate.
ZyAIR G-1000 Access Point User’s Guide Figure 5-3 Extended Service Set 5.2 Wireless LAN Basics Refer also to the Wizard Setup chapter for more background information on Wireless LAN features, such as channels. 5.2.1 RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The following figure illustrates a hidden node.
ZyAIR G-1000 Access Point User’s Guide Figure 5-4 RTS/CTS When station A sends data to the ZyAIR, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations. RTS/CTS is designed to prevent collisions due to hidden nodes.
ZyAIR G-1000 Access Point User’s Guide A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference. If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. 5.
ZyAIR G-1000 Access Point User’s Guide Table 5-1 Wireless LABEL DESCRIPTION (Extended Service Set IDentity) The ESSID identifies the Service Set with to which a wireless station is associated. Wireless stations associating to the access point (AP) must have the same ESSID. Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN.
ZyAIR G-1000 Access Point User’s Guide channel of a new access point, which then informs the access points on the LAN about the change. The new information is then propagated to the other access points on the LAN. An example is shown in Figure 5-6. With roaming, a wireless LAN mobile user enjoys a continuous connection to the wired network through an access point while moving around the wireless LAN.
ZyAIR G-1000 Access Point User’s Guide 3. 4. 5. The adjacent access points should use different radio channels when their coverage areas overlap. All access points must use the same port number to relay roaming information. The access points must be connected to the Ethernet and be able to get IP addresses from a DHCP server if using dynamic IP address assignment. To enable roaming on your ZyAIR, click ADVANCED, WIRELESS and then the Roaming tab. The screen appears as shown.
ZyAIR G-1000 Access Point User’s Guide Chapter 6 Wireless Security This chapter describes how to configure WEP encryption, MAC filter, 802.1x, Local User Database and RADIUS to set up wireless security on your ZyAIR 6.1 Wireless Security Overview Wireless security is vital to your network to protect wireless communication between wireless stations, access points and the wired network. The figure below shows the possible wireless security levels on your ZyAIR.
ZyAIR G-1000 Access Point User’s Guide 6.2.2 Authentication Three different methods can be used to authenticate wireless stations to the network: Open System, Shared Key, and Auto. The following figure illustrates the steps involved.
ZyAIR G-1000 Access Point User’s Guide When your ZyAIR's authentication method is set to open system, it will only accept open system authentication requests. The same is true for shared key authentication. However, when it is set to auto authentication, the ZyAIR will accept either type of authentication request and the ZyAIR will fall back to use open authentication if the shared key does not match. 6.
ZyAIR G-1000 Access Point User’s Guide Table 6-1 Wireless LABEL DESCRIPTION WEP Encryption Select Disable to allow wireless stations to communicate with the access points without any data encryption. Select 64-bit WEP or 128-bit WEP to enable data encryption. Authentication Method Select Auto, Open System or Shared Key from the drop-down list box. This field is N/A if WEP is not activated. If WEP encryption is activated, the default setting is Auto.
ZyAIR G-1000 Access Point User’s Guide Figure 6-4 MAC Address Filter The following table describes the fields in this screen.
ZyAIR G-1000 Access Point User’s Guide Table 6-2 MAC Address Filter LABEL DESCRIPTION MAC Address Filter Active Select Yes from the drop down list box to enable MAC address filtering. Filter Action Define the filter action for the list of MAC addresses in the MAC address filter table. Select Deny Association to block access to the router, MAC addresses not listed will be allowed to access the router.
ZyAIR G-1000 Access Point User’s Guide • Access-Request Sent by an access point requesting authentication. • Access-Reject Sent by a RADIUS server rejecting access. • Access-Accept Sent by a RADIUS server allowing access. • Access-Challenge Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access-Request message.
ZyAIR G-1000 Access Point User’s Guide AP RADIUS Server Wireless Station Ethernet Figure 6-5 EAP Authentication The details below provide a general description of how IEEE 802.1x EAP authentication works. For an example list of EAP-MD5 authentication steps, see the IEEE 802.1x appendix. • The wireless station sends a “start” message to the ZyAIR. • The ZyAIR sends a “request identity” message to the wireless station for identity information.
ZyAIR G-1000 Access Point User’s Guide 6.8 Introduction to Local User Database By storing user profiles locally on the ZyAIR, your ZyAIR is able to authenticate wireless users without interacting with a network RADIUS server. However, there is a limit on the number of users you may authenticate in this way. 6.9 Configuring 802.1x To change your ZyAIR’s authentication settings, click ADVANCED, WIRELESS and then the 802.1x tab. The screen appears as shown. Figure 6-6 802.
ZyAIR G-1000 Access Point User’s Guide Table 6-3 802.1x Authentication LABEL DESCRIPTION Wireless Port Control To control wireless stations access to the wired network, select a control method from the drop-down list box. Choose from No Authentication Required, Authentication Required and No Access Allowed. No Authentication Required allows all wireless stations access to the wired network without entering usernames and passwords. This is the default setting.
ZyAIR G-1000 Access Point User’s Guide Table 6-3 802.1x Authentication LABEL DESCRIPTION Authentication Databases This field is activated only when you select Authentication Required in the Wireless Port Control field. The authentication database contains wireless station login information. The local user database is the built-in database on the ZyAIR. The RADIUS is an external server. Use this drop-down list box to select which database the ZyAIR should use (first) to authenticate a wireless station.
ZyAIR G-1000 Access Point User’s Guide 6.10 Configuring Local User Database To change your ZyAIR’s local user database, click ADVANCED, WIRELESS and then the Local User Database tab. The screen appears as shown.
ZyAIR G-1000 Access Point User’s Guide The following table describes the fields in this screen. Table 6-4 Local User Database LABEL DESCRIPTION Active Select this check box to activate the user profile. User Name Enter the username (up to 31 characters) for this user profile. Password Type a password (up to 31 characters) for this user profile. Note that as you type a password, the screen displays a (*) for each character you type. Apply Click Apply to save your changes back to the ZyAIR.
ZyAIR G-1000 Access Point User’s Guide Figure 6-8 RADIUS The following table describes the fields in this screen. Table 6-5 RADIUS LABEL DESCRIPTION Authentication Server Active Server IP Address Port Number 6-14 Select Yes from the drop-down list box to enable user authentication through an external authentication server. Select No to enable user authentication using the local user profile on the ZyAIR. Enter the IP address of the external authentication server in dotted decimal notation.
ZyAIR G-1000 Access Point User’s Guide Table 6-5 RADIUS LABEL DESCRIPTION Shared Secret Enter a password (up to 31 alphanumeric characters) as the key to be shared between the external authentication server and the ZyAIR. The key must be the same on the external authentication server and your ZyAIR. The key is not sent over the network. Accounting Server Active Select Yes from the drop down list box to enable user accounting through an external authentication server.
IP and Logs Part III: IP AND LOGS This part provides information and configuration instructions for the IP screen and for the logs.
ZyAIR G-1000 Access Point User’s Guide Chapter 7 IP Screen This chapter discusses how to configure IP settings on the ZyAIR 7.1 Factory Ethernet Defaults The Ethernet parameters of the ZyAIR are preset in the factory with the following values: • IP address of 192.168.1.2 • Subnet mask of 255.255.255.0 (24 bits) These parameters should work for the majority of installations. 7.2 TCP/IP Parameters 7.2.1 IP Address and Subnet Mask Refer to the IP Address and Subnet Mask section for this information.
ZyAIR G-1000 Access Point User’s Guide Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, Address Allocation for Private Internets and RFC 1466, Guidelines for Management of IP Address Space. 7.3 Configuring IP Address Click ADVANCED and then IP to display the screen shown next. Figure 7-1 IP Setup The following table describes the fields in this screen.
ZyAIR G-1000 Access Point User’s Guide Table 7-2 IP Setup LABEL Get automatically DESCRIPTION Select this option if your ZyAIR is using a dynamically assigned IP address from a DHCP server each time. You must know the IP address assigned to the ZyAIR (by the DHCP server) to access the ZyAIR again. Use fixed IP address IP Address Select this option if your ZyAIR is using a static IP address. When you select this option, fill in the fields below.
ZyAIR G-1000 Access Point User’s Guide Chapter 8 Logs Screens This chapter contains information about configuring general log settings and viewing the ZyAIR’s logs. Refer to the appendix for example log message explanations. 8.1 Displaying Logs The web configurator allows you to look at all of the ZyAIR’s logs in one location. Click ADVANCED and then LOGS to open the View Log screen. Use the View Log screen to see the logs for the categories that you selected in the Log Settings screen (see section 8.
ZyAIR G-1000 Access Point User’s Guide Table 8-1 View Log LABEL DESCRIPTION # This is the index number of the log entry. Time This field displays the time the log was recorded. Message This field states the reason for the log. Source This field lists the source IP address and the port number of the incoming packet. Destination This field lists the destination IP address and the port number of the incoming packet. Note This field displays additional information about the log entry.
ZyAIR G-1000 Access Point User’s Guide Figure 8-2 Log Settings The following table describes the fields in this screen.
ZyAIR G-1000 Access Point User’s Guide Table 8-2 Log Settings LABEL DESCRIPTION Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below. If this field is left blank, logs and alert messages will not be sent via e-mail. Mail Subject Type a title that you want to be in the subject line of the log e-mail message that the ZyAIR sends. Send Log To Logs are sent to the e-mail address specified in this field.
ZyAIR G-1000 Access Point User’s Guide Table 8-2 Log Settings LABEL DESCRIPTION Send Immediate Alert Select the categories of alerts for which you want the ZyAIR to send immediately email alerts. Apply Click Apply to save your customized settings and exit this screen. Reset Click Reset to reconfigure all the fields in this screen.
Maintenance Part IV: MAINTENANCE This part describes the Maintenance screens.
ZyAIR G-1000 Access Point User’s Guide Chapter 9 Maintenance This chapter displays system information such as ZyNOS firmware, port IP addresses and port traffic statistics. 9.1 Maintenance Overview The maintenance screens allow you to view system information, upload new firmware, manage configuration and restart your ZyAIR. 9.2 System Status Screen Click MAINTENANCE to open the System Status screen, where you can use to monitor your ZyAIR.
ZyAIR G-1000 Access Point User’s Guide Table 9-1 System Status LABEL DESCRIPTION ZyNOS Firmware Version This is the ZyNOS Firmware version and the date created. ZyNOS is ZyXEL's proprietary Network Operating System design. Routing Protocols This shows the routing protocol – BRIDGE for which the ZyAIR is configured. IP Address IP Subnet Mask DHCP Show Statistics This is the Ethernet port IP address. This is the Ethernet port subnet mask. This is the Ethernet port DHCP role - Client or None.
ZyAIR G-1000 Access Point User’s Guide Table 9-2 System Status: Show Statistics LABEL DESCRIPTION Status This shows the port speed and duplex setting if you are using Ethernet encapsulation for the Ethernet port. This shows the transmission speed only for wireless port. TxPkts This is the number of transmitted packets on this port. RxPkts This is the number of received packets on this port. Collisions This is the number of collisions on this port.
ZyAIR G-1000 Access Point User’s Guide Figure 9-3 Association List The following table describes the fields in this screen. Table 9-3 Association List LABEL DESCRIPTION # This is the index number of an associated wireless station. MAC Address This field displays the MAC address of an associated wireless station. Association Time This field displays the time a wireless station first associated with the ZyAIR. Refresh Click Refresh to reload the screen. 9.4 F/W Upload Screen Find firmware at www.
ZyAIR G-1000 Access Point User’s Guide Figure 9-4 Firmware Upload The following table describes the fields in this screen. Table 9-4 Firmware Upload LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse... Click Browse... to find the .bin file you want to upload. Remember that you must decompress compressed (.zip) files before you can upload them. Upload Click Upload to begin the upload process.
ZyAIR G-1000 Access Point User’s Guide Figure 9-5 Firmware Upload In Process The device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 9-6 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the System Status screen. If the upload was not successful, the following screen will appear. Click Return to go back to the F/W Upload screen.
ZyAIR G-1000 Access Point User’s Guide Figure 9-7 Firmware Upload Error 9.5 Configuration Screen The web configurator uses TFTP to transfer files. See the Firmware and Configuration File Maintenance chapter for transferring configuration files using FTP/TFTP commands. Click MAINTENANCE and then CONFIGURATION. Information related to backup configuration, restoring configuration and factory defaults appears as shown next. 9.5.
ZyAIR G-1000 Access Point User’s Guide 9.5.2 Restore Configuration Restore configuration replaces your ZyAIR's current configuration with a previously saved configuration. Restore files (usually) have a .ROM extension, e.g., "zyair.rom". The system reboots automatically after the file transfer is complete and uses the configured values in the file. WARNING! Do not interrupt the file transfer process as this may PERMANENTLY DAMAGE YOUR ZyAIR.
ZyAIR G-1000 Access Point User’s Guide Figure 9-10 Configuration Upload Successful The device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 9-11 Network Temporarily Disconnected If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default device IP address (192.168.1.2).
ZyAIR G-1000 Access Point User’s Guide Figure 9-12 Configuration Upload Error 9.5.3 Back to Factory Defaults Pressing the Reset button in this section clears all user-entered configuration information and returns the ZyAIR to its factory defaults as shown on the screen. This will erase all configurations that you have applied. Figure 9-13 Back to Factory Default The following warning screen will appear.
ZyAIR G-1000 Access Point User’s Guide Figure 9-14 Reset Warning Message You can also press the RESET button on the rear panel to reset the factory defaults of your ZyAIR. Refer to the chapter on top panel connections for more information on the RESET button.
SMT Configuration Part V: SMT CONFIGURATION This part contains SMT (System Management Terminal) configuration and background information for features only configurable by SMT. See the web configurator parts of this guide for background information on features configurable by web configurator and SMT.
ZyAIR G-1000 Access Point User’s Guide Chapter 10 Introducing the SMT This chapter describes how to access the SMT and provides an overview of its menus. 10.1 Connect to your ZyAIR Using Telnet The following procedure details how to telnet into your ZyAIR. Step 1. In Windows, click Start (usually in the bottom left corner), Run and then type “telnet 192.168.1.2” (the default IP address) and click OK. Step 2. Enter “1234” in the Password field. Step 3.
ZyAIR G-1000 Access Point User’s Guide Step 2. Enter 1 to display Menu 23.1 – System Security – Change Password as shown next. Step 3. Type your existing system password in the Old Password field, and press [ENTER]. Menu 23.1 – System Security – Change Password Old Password= **** New Password= ? Retype to confirm= ? Enter here to CONFIRM or ESC to CANCEL: Figure 10-2 Menu 23.1 System Security : Change Password Step 4.
ZyAIR G-1000 Access Point User’s Guide Figure 10-3 SMT Menu Overview Introducing the SMT 10-3
ZyAIR G-1000 Access Point User’s Guide 10.5 Navigating the SMT Interface The SMT (System Management Terminal) is the interface that you use to configure your ZyAIR. Several operations that you should be familiar with before you attempt to modify the configuration are listed in the table below. Table 10-1 Main Menu Commands OPERATION KEYSTROKE DESCRIPTION Move down to another menu [ENTER] To move forward to a submenu, type in the number of the desired submenu and press [ENTER].
ZyAIR G-1000 Access Point User’s Guide Copyright (c) 1994 - 2003 ZyXEL Communications Corp. ZyAIR G-1000 Main Menu Getting Started 1. General Setup 3. LAN Setup Advanced Management 22. SNMP Configuration 23. System Security 24. System Maintenance Advanced Applications 14. Dial-in User Setup 99. Exit Enter Menu Selection Number: Figure 10-4 SMT Main Menu 10.5.
ZyAIR G-1000 Access Point User’s Guide Chapter 11 General Setup The chapter shows you the information on general setup. 11.1 General Setup Menu 1 – General Setup contains administrative and system-related information (shown next). The System Name field is for identification purposes. It is recommended you type your computer's "Computer name". The Domain Name field is not a required field. Leave this field blank or enter the domain name here if you know it. 11.1.1 Procedure To Configure Menu 1 Step 1.
ZyAIR G-1000 Access Point User’s Guide Table 11-1 Menu 1 General Setup FIELD DESCRIPTION EXAMPLE System Name Choose a descriptive name for identification purposes. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes “-” and underscores "_" are accepted. G-1000 Domain Name This is not a required field. Leave this field blank or enter the domain name here if you know it.
ZyAIR G-1000 Access Point User’s Guide Chapter 12 LAN Setup This chapter shows you how to configure the LAN on your ZyAIR.. 12.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 – LAN Setup. From the main menu, enter 3 to display menu 3. Menu 3 - LAN Setup 2. TCP/IP Setup 5. Wireless LAN Setup Enter Menu Selection Number: Figure 12-1 Menu 3 LAN Setup Detailed explanation about the LAN Setup screens is given in the next chapter. 12.2 TCP/IP Ethernet Setup Use menu 3.
ZyAIR G-1000 Access Point User’s Guide Follow the instructions in the following table on how to configure the DHCP fields. Table 12-1 Menu 3.2 TCP/IP Setup FIELD IP Address Assignment DESCRIPTION EXAMPLE Press [SPACE BAR] and then [ENTER] to select Dynamic to have the ZyAIR obtain an IP address from a DHCP server. You must know the IP address assigned to the ZyAIR (by the DHCP server) to access the ZyAIR again. Select Static to give the ZyAIR a fixed, unique IP address.
ZyAIR G-1000 Access Point User’s Guide Menu 3.5 - Wireless LAN Setup ESSID= Wireless Hide ESSID= No Channel ID= CH06 2437MHz RTS Threshold= 2432 Frag. Threshold= 2432 WEP Encryption= Disable Default Key= N/A Key1= N/A Key2= N/A Key3= N/A Key4= N/A Authen. Method= N/A Edit MAC Address Filter= No Edit Roaming Configuration= No Breathing LED= Yes . Press ENTER to Confirm or ESC to Cancel: Figure 12-3 Menu 3.5 Wireless LAN Setup The following table describes the fields in this menu. Table 12-2 Menu 3.
ZyAIR G-1000 Access Point User’s Guide Table 12-2 Menu 3.5 Wireless LAN Setup FIELD DESCRIPTION EXMAPLE WEP Encryption Select Disable to allow wireless stations to communicate with the access points without any data encryption. Select 64-bit WEP or 128-bit WEP to enable data encryption. Disable Enter the key number (1 to 4) in this field. Only one key can be enabled at any one time. This key must be the same on the ZyAIR and the wireless stations to communicate.
ZyAIR G-1000 Access Point User’s Guide 12.3.1 Configuring MAC Address Filtering Your ZyAIR checks the MAC address of the wireless station device against a list of allowed or denied MAC addresses. However, intruders could fake allowed MAC addresses so MAC-based authentication is less secure than EAP authentication. Follow the steps below to create the MAC address table on your ZyAIR. Step 1. From the main menu, enter 3 to open Menu 3 – LAN Setup. Step 2. Enter 5 to display Menu 3.5 – Wireless LAN Setup.
ZyAIR G-1000 Access Point User’s Guide Menu 3.5.
ZyAIR G-1000 Access Point User’s Guide Step 1. From the main menu, enter 3 to display Menu 3 – LAN Setup. Step 2. Enter 5 to display Menu 3.5 – Wireless LAN Setup. Menu 3.5 - Wireless LAN Setup ESSID= Wireless Hide ESSID= No Channel ID= CH06 2437MHz RTS Threshold= 2432 Frag. Threshold= 2432 WEP Encryption= Disable Default Key= N/A Key1= N/A Key2= N/A Key3= N/A Key4= N/A Authen.
ZyAIR G-1000 Access Point User’s Guide Table 12-4 Menu 3.5.2 Roaming Configuration FIELD Port # DESCRIPTION Type the port number to communicate roaming information between access points. The port number must be the same on all access points. The default is 16290. Make sure this port is not used by other services. When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.
ZyAIR G-1000 Access Point User’s Guide Chapter 13 Dial-in User Setup This chapter shows you how to create user accounts on the ZyAIR. 13.1 Dial-in User Setup By storing user profiles locally, your ZyAIR is able to authenticate wireless users without interacting with a network RADIUS server. Follow the steps below to set up user profiles on your ZyAIR. Step 1. From the main menu, enter 14 to display Menu 14 - Dial-in User Setup. Menu 14 - Dial-in User Setup 1. 2. 3. 4. 5. 6. 7. 8.
ZyAIR G-1000 Access Point User’s Guide Table 13-1 Menu 14.1- Edit Dial-in User FIELD User Name DESCRIPTION Enter a username up to 31 alphanumeric characters long for this user profile. This field is case sensitive. Active Press [SPACE BAR] to select Yes and press [ENTER] to enable the user profile. Password Enter a password up to 31 characters long for this user profile.
ZyAIR G-1000 Access Point User’s Guide Chapter 14 SNMP Configuration This chapter explains SNMP Configuration menu 22. 14.1 SNMP Overview Simple Network Management Protocol is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your ZyAIR supports SNMP agent functionality, which allows a manager station to manage and monitor the ZyAIR through the network. The ZyAIR supports SNMP version one (SNMPv1) and version two c (SNMPv2c).
ZyAIR G-1000 Access Point User’s Guide An agent is a management software module that resides in a managed device (the ZyAIR). An agent translates the local management information from the managed device into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions. It executes applications that control and monitor managed devices.
ZyAIR G-1000 Access Point User’s Guide Menu 22 - SNMP Configuration SNMP: Get Community= public Set Community= public Trusted Host= 0.0.0.0 Trap: Community= public Destination= 0.0.0.0 Press ENTER to Confirm or ESC to Cancel: Figure 14-2 Menu 22 SNMP Configuration The following table describes the SNMP configuration parameters.
ZyAIR G-1000 Access Point User’s Guide Table 14-2 SNMP Traps TRAP # TRAP NAME DESCRIPTION 1 coldStart (defined in RFC-1215) A trap is sent after booting (power on). 2 warmStart (defined in RFC-1215) A trap is sent after booting (software reboot). 3 linkUp (defined in RFC-1215) A trap is sent with the port number. 4 authenticationFailure (defined in RFC-1215) A trap is sent to the manager when receiving any SNMP get or set requirements with wrong community (password).
ZyAIR G-1000 Access Point User’s Guide Chapter 15 System Security This chapter describes how to configure the system security on the ZyAIR. 15.1 System Security You can configure the system password, an external RADIUS server and 802.1x in this menu. 15.1.1 System Password Menu 23 - System Security 1. Change Password 2. RADIUS Server 4. IEEE802.1x Figure 15-1 Menu 23 System Security You should change the default password. If you forget your password you have to restore the default configuration file.
ZyAIR G-1000 Access Point User’s Guide Menu 23.2 - System Security - RADIUS Server Authentication Server: Active= No Server Address= 10.11.12.13 Port #= 1812 Shared Secret= ? Accounting Server: Active= No Server Address= 10.11.12.13 Port #= 1813 Shared Secret= ? Press ENTER to Confirm or ESC to Cancel: Figure 15-3 Menu 23.2 System Security: RADIUS Server The following table describes the fields in this menu. Table 15-1 Menu 23.
ZyAIR G-1000 Access Point User’s Guide Table 15-1 Menu 23.2 System Security: RADIUS Server FIELD DESCRIPTION Port The default port of the RADIUS server for accounting is 1813. EXAMPLE 1813 You need not change this value unless your network administrator instructs you to do so with additional information. Shared Secret Specify a password (up to 31 alphanumeric characters) as the key to be shared between the external accounting server and the access points. The key is not sent over the network.
ZyAIR G-1000 Access Point User’s Guide Menu 23.4 - System Security - IEEE802.1X Wireless Port Control= Authentication Required ReAuthentication Timer (in second)= 1800 Idle Timeout (in second)= 3600 Authentication Databases= RADIUS Only Dynamic WEP Key Exchange= Disable Press ENTER to Confirm or ESC to Cancel: Figure 15-5 Menu 23.4 System Security : IEEE802.1x The following table describes the fields in this menu. Table 15-2 Menu 23.4 System Security : IEEE802.
ZyAIR G-1000 Access Point User’s Guide Table 15-2 Menu 23.4 System Security : IEEE802.1x FIELD Authentication Databases DESCRIPTION This field is activated only when you select Authentication Required in the Wireless Port Control field. The authentication database contains wireless station login information. The local user database is the built-in database on the ZyAIR. The RADIUS is an external server. Use this field to decide which database the ZyAIR should use (first) to authenticate a wireless station.
ZyAIR G-1000 Access Point User’s Guide Chapter 16 System Information and Diagnosis This chapter covers the information and diagnostic tools in SMT menus 24.1 to 24.4. These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software. This chapter describes how to use these tools in detail. Type 24 in the main menu and press [ENTER] to open Menu 24 – System Maintenance, as shown in the following figure. Menu 24 – System Maintenance 1. 2. 3. 4. 5. 6.
ZyAIR G-1000 Access Point User’s Guide Menu 24.1 - System Maintenance - Status Port Status Time Ethernet 100M/Full 1:57:17 Wireless 54M 1:57:16 Port Ethernet Wireless TxPkts RxPkts Cols Tx B/s Rx B/s 1622 2117 0 258 128 596 0 0 0 0 Ethernet Address 00:A0:C5:00:00:01 00:A0:C5:00:00:01 System up Time: 03:47:42 Sat. Jan. 01, 2000 IP Address 192.168.1.2 IP Mask 255.255.255.0 Up DHCP None 3:47:46 Press Command: COMMANDS: 9-Reset Counters ESC-Exit Figure 16-2 Menu 24.
ZyAIR G-1000 Access Point User’s Guide 16.2 System Information and Console Port Speed To get to the System Information: Step 1. Enter 24 to display Menu 24 – System Maintenance. Step 2. Enter 2 to display Menu 24.2 – System Information and Console Port Speed. Step 3. From this menu you have two choices as shown in the next figure: Menu 24.2 - System Information and Console Port Speed 1. System Information 2. Console Port Speed Please enter selection: Figure 16-3 Menu 24.
ZyAIR G-1000 Access Point User’s Guide Table 16-2 Menu 24.2.1 System Maintenance: Information FIELD DESCRIPTION Name Displays the system name of your ZyAIR. This information can be changed in Menu 1 – General Setup. Routing Refers to the routing protocol used. ZyNOS F/W Version Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. ZyNOS is a registered trademark of ZyXEL Communications Corporation. Country Code Refers to the country code of the firmware.
ZyAIR G-1000 Access Point User’s Guide 16.3.1 Viewing Error Log The first place you should look for clues when something goes wrong is the error log. Follow the procedures to view the local error/trace log: Step 1. Type 24 in the main menu to display Menu 24 – System Maintenance. Step 2. From menu 24, type 3 to display Menu 24.3 – System Maintenance – Log and Trace. Menu 24.3 - System Maintenance - Log and Trace 1. View Error Log Please enter selection: Figure 16-6 Menu 24.
ZyAIR G-1000 Access Point User’s Guide Menu 24.4 - System Maintenance - Diagnostic TCP/IP 1. Ping Host 2. DHCP Release 3. DHCP Renewal System 11. Reboot System Enter Menu Selection Number: Host IP Address= N/A Figure 16-8 Menu 24.4 System Maintenance : Diagnostic Follow the procedure next to get to display this menu: Step 1. From the main menu, type 24 to open Menu 24 – System Maintenance. Step 2. From this menu, type 4. Diagnostic to open Menu 24.4 – System Maintenance – Diagnostic.
ZyAIR G-1000 Access Point User’s Guide Chapter 17 Firmware and Configuration File Maintenance This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files using the SMT screens. 17.1 Filename Conventions The configuration file (often called the romfile or rom-0) contains the factory default settings in the menus such as password and TCP/IP Setup, etc. It arrives from ZyXEL with a rom filename extension.
ZyAIR G-1000 Access Point User’s Guide Table 17-1 Filename Conventions FILE TYPE INTERNAL NAME EXTERNAL NAME DESCRIPTION Configuration File Rom-0 *.rom This is the configuration filename on the ZyAIR. Uploading the rom-0 file replaces the entire ROM file system, including your ZyAIR configurations, system-related data (including the default password), the error log and the trace log. Firmware Ras *.bin This is the generic name for the ZyNOS firmware on the ZyAIR. 17.
ZyAIR G-1000 Access Point User’s Guide 17.2.2 Using the FTP command from the DOS Prompt Step 1. Launch the FTP client on your computer. Step 2. Enter “open” and the IP address of your ZyAIR. Step 3. Press [ENTER] when prompted for a username. Step 4. Enter “root” and your SMT password as requested. The default is 1234. Step 5. Enter “bin” to set transfer mode to binary. Step 6. Use “get” to transfer files from the ZyAIR to the computer, for example, “get rom-0 config.
ZyAIR G-1000 Access Point User’s Guide Table 17-2 General Commands for Third Party FTP Clients COMMAND DESCRIPTION Initial Remote Directory Specify the default remote directory (path). Initial Local Directory Specify the default local directory (path). FTP over WAN will not work if you have disabled the FTP service in menu 24.11. 17.2.3 Backup Configuration Using TFTP The ZyAIR supports the up/downloading of the firmware and the configuration file using TFTP (Trivial File Transfer Protocol) over LAN.
ZyAIR G-1000 Access Point User’s Guide where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the ZyAIR IP address, “get” transfers the file source on the ZyAIR (rom-0 name of the configuration file on the ZyAIR) to the file destination on the computer and renames it config.rom. The following table describes some of the fields that you may see in third party TFTP clients.
ZyAIR G-1000 Access Point User’s Guide Menu 24.6 – Restore Configuration To transfer the firmware and the configuration file, follow the procedure below: 1. Launch the FTP client on your workstation. 2. Type "open" and the IP address of your router. Then type "root" and SMT password as requested. 3. Type “put backupfilename rom-0” where backupfilename is the name of your backup configuration file on your workstation and rom-spt is the Remote file name on the router.
ZyAIR G-1000 Access Point User’s Guide 17.4.1 Firmware Upload FTP is the preferred method for uploading the firmware and configuration. To use this feature, your computer must have an FTP client. When you telnet into the ZyAIR, you will see the following screens for uploading firmware and the configuration file using FTP. Menu 24.7.1 - System Maintenance - Upload System Firmware To upload the system firmware, follow the procedure below: 1. Launch the FTP client on your workstation. 2.
ZyAIR G-1000 Access Point User’s Guide Menu 24.7.2 - System Maintenance - Upload System Configuration File To upload the system configuration file, follow the procedure below: 1. Launch the FTP client on your workstation. 2. Type "open" and the IP address of your system. Then type "root" and SMT password as requested. 3.
ZyAIR G-1000 Access Point User’s Guide 331 Enter PASS command Password: 230 Logged in ftp> bin 200 Type I OK ftp> put firmware.bin ras 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp: 327680 bytes sent in 1.10Seconds 297.89Kbytes/sec. ftp> quit Figure 17-7 FTP Session Example More commands that you may find in third party FTP clients, are listed earlier in this chapter. FTP over WAN will not work if you have applied a filter in menu 11.
ZyAIR G-1000 Access Point User’s Guide 17.4.5 Example: TFTP Command The following is an example TFTP command: TFTP [-i] host put firmware.bin ras where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the ZyAIR’s IP address, “put” transfers the file source on the computer (firmware.bin – name of the firmware on the computer) to the file destination on the remote host (ras - name of the firmware on the ZyAIR).
ZyAIR G-1000 Access Point User’s Guide Chapter 18 System Maintenance and Information This chapter leads you through SMT menus 24.8 to 24.11. 18.1 Command Interpreter Mode The Command Interpreter (CI) is a part of the main system firmware. The CI provides much of the same functionality as the SMT, while adding some low-level setup and diagnostic functions. Enter the CI from the SMT by selecting menu 24.8. See the included disk or the zyxel.com web site for more detailed information on CI commands.
ZyAIR G-1000 Access Point User’s Guide 18.2 Time and Date Setting The ZyAIR keeps track of the time and date. There is also a software mechanism to set the time manually or get the current time and date from an external server when you turn on your ZyAIR. Menu 24.10 allows you to update the time and date settings of your ZyAIR. The real time is then displayed in the ZyAIR error logs and firewall logs. Step 1. Select menu 24 in the main menu to open Menu 24 – System Maintenance. Step 2.
ZyAIR G-1000 Access Point User’s Guide Table 18-1 Menu 24.10 System Maintenance: Time and Date Setting FIELD DESCRIPTION Time Server Address Enter the IP address or domain name of your time server. Check with your ISP/network administrator if you are unsure of this information. Current Time This field displays an updated time only when you reenter this menu. New Time Enter the new time in hour, minute and second format.
ZyAIR G-1000 Access Point User’s Guide Chapter 19 Remote Management This chapter covers remote management (SMT menu 24.11). 19.1 Telnet You can configure your ZyAIR for remote Telnet access as shown next. Figure 19-1 Telnet Configuration on a TCP/IP Network 19.2 FTP You can upload and download ZyAIR firmware and configuration files using FTP. To use this feature, your computer must have an FTP client. 19.3 Web You can use the ZyAIR’s embedded web configurator for configuration and file management.
ZyAIR G-1000 Access Point User’s Guide 19.4.1 Remote Management Setup Remote management setup is for managing Telnet, FTP and Web services. You can customize the service port, access interface and the secured client IP address to enhance security and flexibility. You may manage your ZyAIR from a remote location via: the wireless LAN(WLAN only), the LAN only, All (LAN and WLAN) or Disable (neither).
ZyAIR G-1000 Access Point User’s Guide Table 19-1 Menu 24.11 Remote Management Control FIELD DESCRIPTION Access Select the access interface (if any) by pressing the [SPACE BAR]. Choices are: LAN only, WLAN only, All or Disable. Secured Client IP The default 0.0.0.0 allows any client to use this service to remotely manage the ZyAIR. Enter an IP address to restrict access to a client with a matching IP address. EXAMPLE LAN only 0.0.0.
Appendices Part VI: APPENDICES This part provides background information about setting up your computer’s IP address, wireless LAN, 802.1x, PPPoE, PPTP and IP subnetting. It also provides information on the command interpreter interface, NetBIOS commands and logs.
ZyAIR G-1000 Access Point User’s Guide Appendix A Troubleshooting This appendix covers potential problems and possible remedies. After each problem description, some instructions are provided to help you to diagnose and to solve the problem. Please see our included disk for further information Problems Starting Up the ZyAIR Chart A-1 Troubleshooting the Start-Up of Your ZyAIR PROBLEM CORRECTIVE ACTION None of the LEDs turn on when I plug in the power adaptor.
ZyAIR G-1000 Access Point User’s Guide Chart A-2 Troubleshooting the Ethernet Interface PROBLEM I cannot ping any computer on the LAN. CORRECTIVE ACTION If the ETHN LED on the front panel is off, check the Ethernet cable connections between your ZyAIR and the Ethernet device. Check the Ethernet cable connections between the Ethernet device and the LAN computers. Check for faulty Ethernet cables. Make the Ethernet cable does not exceed 100 meters.
ZyAIR G-1000 Access Point User’s Guide Problems with the WLAN Interface Chart A-5 Troubleshooting the WLAN Interface PROBLEM Cannot access the ZyAIR from the WLAN. CORRECTIVE ACTION Make sure the ZyAIR is turned on and the Link LED is off. Make sure the wireless adapter on the wireless station is working properly. Check that both the ZyAIR and your wireless station are using the same ESSID, channel and WEP keys (if WEP encryption is activated). I cannot ping any computer on the WLAN.
ZyAIR G-1000 Access Point User’s Guide Appendix B Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer. Windows 3.1 requires the purchase of a third-party TCP/IP application package.
ZyAIR G-1000 Access Point User’s Guide If you need the adapter: a. In the Network window, click Add. b. Select Adapter and then click Add. c. Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: a. In the Network window, click Add. b. Select Protocol and then click Add. c. Select Microsoft from the list of manufacturers. d. Select TCP/IP from the list of network protocols and then click OK. If you need Client for Microsoft Networks: a. Click Add.
ZyAIR G-1000 Access Point User’s Guide 1. Click the IP Address tab. -If your IP address is dynamic, select Obtain an IP address automatically. -If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. 2. Click the DNS Configuration tab. -If you do not know your DNS information, select Disable DNS.
ZyAIR G-1000 Access Point User’s Guide 3. Click the Gateway tab. -If you do not know your gateway’s IP address, remove previously installed gateways. -If you have a gateway IP address, type it in the New gateway field and click Add. 4. Click OK to save and close the TCP/IP Properties window. 5. Click OK to close the Network window. Insert the Windows CD if prompted. 6. Turn on your ZyAIR and restart your computer when prompted. Verifying Your Computer’s IP Address 1. Click Start and then Run. 2.
ZyAIR G-1000 Access Point User’s Guide 1. For Windows XP, click start, Control Panel. In Windows 2000/NT, click Start, Settings, Control Panel. 2. For Windows XP, click Network Connections. For Windows 2000/NT, click Network and Dial-up Connections. Setting Up Your Computer’s IP Address 3. Right-click Local Area Connection and then click Properties.
ZyAIR G-1000 Access Point User’s Guide 4. Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties. 5. The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). -If you have a dynamic IP address click Obtain an IP address automatically. -If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. Click Advanced.
ZyAIR G-1000 Access Point User’s Guide 6. -If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: -In the IP Settings tab, in IP addresses, click Add. -In TCP/IP Address, type an IP address in IP address and a subnet mask in Subnet mask, and then click Add. -Repeat the above two steps for each IP address you want to add.
ZyAIR G-1000 Access Point User’s Guide 7. In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): -Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). -If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields. If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. 8.
ZyAIR G-1000 Access Point User’s Guide 1. Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. 2. Select Ethernet built-in from the Connect via list. 3. For dynamically assigned settings, select Using DHCP Server from the Configure: list.
ZyAIR G-1000 Access Point User’s Guide 4. For statically assigned settings, do the following: -From the Configure box, select Manually. -Type your IP address in the IP Address box. -Type your subnet mask in the Subnet mask box. -Type the IP address of your ZyAIR in the Router address box. 5. Close the TCP/IP Control Panel. 6. Click Save if prompted, to save changes to your configuration. 7. Turn on your ZyAIR and restart your computer (if prompted).
ZyAIR G-1000 Access Point User’s Guide 2. Click Network in the icon bar. - Select Automatic from the Location list. - Select Built-in Ethernet from the Show list. - Click the TCP/IP tab. 3. For dynamically assigned settings, select Using DHCP from the Configure list. 4. For statically assigned settings, do the following: -From the Configure box, select Manually. -Type your IP address in the IP Address box. -Type your subnet mask in the Subnet mask box.
ZyAIR G-1000 Access Point User’s Guide Appendix C Wireless LAN and IEEE 802.11 A wireless LAN (WLAN) provides a flexible data communications system that you can use to access various services (navigating the Internet, email, printer services, etc.) without the use of a cabled connection. In effect a wireless LAN environment provides you the freedom to stay connected to the network while roaming around in the coverage area. WLAN is not available on all models.
ZyAIR G-1000 Access Point User’s Guide Spread Spectrum (DSSS) and Frequency-Hopping Spread Spectrum (FHSS), in the 2.4 to 2.4825 GHz unlicensed ISM (Industrial, Scientific and Medical) band. The third method is infrared technology, using very high frequencies, just below visible light in the electromagnetic spectrum to carry data.
ZyAIR G-1000 Access Point User’s Guide Infrastructure Wireless LAN Configuration For infrastructure WLANs, multiple access points (APs) link the WLAN to the wired network and allow users to efficiently share network resources. The access points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood. Multiple access points can provide wireless coverage for an entire building or campus.
ZyAIR G-1000 Access Point User’s Guide Diagram 2 ESS Provides Campus-Wide Coverage C-4 Wireless LAN and IEEE 802.
ZyAIR G-1000 Access Point User’s Guide Appendix D Wireless LAN With IEEE 802.1x As wireless networks become popular for both portable computing and corporate networks, security is now a priority. Security Flaws with IEEE 802.11 Wireless networks based on the original IEEE 802.11 have a poor reputation for safety. The IEEE 802.11b wireless access standard, first published in 1999, was based on the MAC address. As the MAC address is sent across the wireless link in clear text, it is easy to spoof and fake.
ZyAIR G-1000 Access Point User’s Guide RADIUS Server Authentication Sequence The following figure depicts a typical wireless network with a remote RADIUS server for user authentication using EAPOL (EAP Over LAN). Client computer access authorized. Client computer access not authorized. Diagram 3 Sequences for EAP MD5–Challenge Authentication D-2 Wireless LAN with IEEE 802.
ZyAIR G-1000 Access Point User’s Guide Appendix E Types of EAP Authentication This appendix discusses the four popular EAP authentication types: EAP-MD5, EAP-TLS, EAP-TTLS and PEAP. The type of authentication you use depends on the RADIUS server or the AP. Consult your network administrator for more information. EAP-MD5 (Message-Digest Algorithm 5) MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless station.
ZyAIR G-1000 Access Point User’s Guide hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5 and EAPMSCHAPv2, for client authentication. For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption. They are often deployed in corporate environments, but for public deployment, simple user name and password pair is more practical. The following table is a comparison of the features of four authentication types.
ZyAIR G-1000 Access Point User’s Guide Appendix F Antenna Selection and Positioning Recommendation An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air. The antenna also operates in reverse by capturing RF signals from the air. Choosing the right antennas and positioning them properly increases the range and coverage area of a wireless LAN.
ZyAIR G-1000 Access Point User’s Guide environment. With a wide coverage area, it is possible to make circular overlapping coverage areas with multiple access points. • Directional antennas concentrate the RF signal in a beam, like a flashlight. The angle of the beam width determines the direction of the coverage pattern; typically ranges from 20 degrees (less directional) to 90 degrees (very directional). The directional antennas are ideal for hallways and outdoor point-to-point applications.
ZyAIR G-1000 Access Point User’s Guide Appendix G IP Subnetting IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1. IP addresses are categorized into different classes. The class of an address depends on the value of its first octet. Class “A” addresses have a 0 in the left most bit.
ZyAIR G-1000 Access Point User’s Guide A class “A” address (24 host bits) can have 224 –2 hosts (approximately 16 million hosts). Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B” address has a valid range of 128 to 191. The first octet of a class “C” address begins with “110”, and therefore has a range of 192 to 223.
ZyAIR G-1000 Access Point User’s Guide sequence of ones beginning from the left most bit of the mask, followed by a continuous sequence of zeros, for a total number of 32 bits. Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet.
ZyAIR G-1000 Access Point User’s Guide Divide the network 192.168.1.0 into two separate subnets by converting one of the host ID bits of the IP address to a network number bit. The “borrowed” host ID bit can be either “0” or “1” thus giving two subnets; 192.168.1.0 with mask 255.255.255.128 and 192.168.1.128 with mask 255.255.255.128. In the following charts, shaded/bolded last octet bit values indicate host ID bits “borrowed” to form network ID bits.
ZyAIR G-1000 Access Point User’s Guide to an actual host for the first subnet is 192.168.1.1 and the highest is 192.168.1.126. Similarly the host ID range for the second subnet is 192.168.1.129 to 192.168.1.254. Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00, 01, 10 and 11.
ZyAIR G-1000 Access Point User’s Guide Chart 14 Subnet 3 NETWORK NUMBER Subnet Mask (Binary) LAST OCTET BIT VALUE 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.128 Lowest Host ID: 192.168.1.129 Broadcast Address: 192.168.1.191 Highest Host ID: 192.168.1.190 Chart 15 Subnet 4 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 192 IP Address (Binary) 11000000.10101000.00000001. 11000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.
ZyAIR G-1000 Access Point User’s Guide The following table is a summary for class “C” subnet planning. Chart 17 Class C Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 1 255.255.255.128 (/25) 2 126 2 255.255.255.192 (/26) 4 62 3 255.255.255.224 (/27) 8 30 4 255.255.255.240 (/28) 16 14 5 255.255.255.248 (/29) 32 6 6 255.255.255.252 (/30) 64 2 7 255.255.255.254 (/31) 128 1 Subnetting With Class A and Class B Networks.
ZyAIR G-1000 Access Point User’s Guide Chart 18 Class B Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 9 255.255.255.128 (/25) 512 126 10 255.255.255.192 (/26) 1024 62 11 255.255.255.224 (/27) 2048 30 12 255.255.255.240 (/28) 4096 14 13 255.255.255.248 (/29) 8192 6 14 255.255.255.252 (/30) 16384 2 15 255.255.255.
ZyAIR G-1000 Access Point User’s Guide Appendix H Command Interpreter The following describes how to use the command interpreter. Enter 24 in the main menu to bring up the system maintenance menu. Enter 8 to go to Menu 24.8 - Command Interpreter Mode. See the included disk or zyxel.com for more detailed information on these commands. Use of undocumented commands or misconfiguration can damage the unit and possibly render it unusable. Command Syntax The command keywords are in courier new font.
ZyAIR G-1000 Access Point User’s Guide Appendix I NetBIOS Filter Commands The following describes the NetBIOS packet filter commands. See the Command Interpreter appendix for information on the command structure. Introduction NetBIOS (Network Basic Input/Output System) are TCP or UDP broadcast packets that enable a computer to connect to and communicate with a LAN. For some dial-up services such as PPPoE or PPTP, NetBIOS packets cause unwanted calls.
ZyAIR G-1000 Access Point User’s Guide Chart 19 NetBIOS Filter Default Settings NAME DESCRIPTION EXAMPLE IPSec Packets This field displays whether NetBIOS packets sent through a VPN connection are blocked or forwarded. Forward Trigger dial This field displays whether NetBIOS packets are allowed to initiate calls. Disabled means that NetBIOS packets are blocked from initiating calls.
ZyAIR G-1000 Access Point User’s Guide Appendix J Brute-Force Password Guessing Protection The following describes the commands for enabling, disabling and configuring the brute-force password guessing protection mechanism for the password. See the Command Interpreter appendix for information on the command structure. Chart 14-1 Brute-Force Password Guessing Protection Commands COMMAND DESCRIPTION sys pwderrtm This command displays the brute-force guessing password protection settings.
ZyAIR G-1000 Access Point User’s Guide Appendix K Log Descriptions This appendix describes some general log messages. Not all log messages are available on all models. Chart 20 System Error Logs LOG MESSAGE DESCRIPTION %s exceeds the max. number of session per host! This attempt to create a NAT session exceeds the maximum number of NAT session table entries allowed to be created per host.
ZyAIR G-1000 Access Point User’s Guide Chart 21 System Maintenance Logs LOG MESSAGE DESCRIPTION TELNET Login Fail Someone has failed to log on to the router via telnet. FTP Login Successfully Someone has logged on to the router via FTP. FTP Login Fail Someone has failed to log on to the router via FTP. NAT Session Table is Full! The maximum number of NAT session table entries has been exceeded and the table is full.
ZyAIR G-1000 Access Point User’s Guide Chart 23 ICMP Notes TYPE CODE 0 5 DESCRIPTION A gateway may discard internet datagrams if it does not have the buffer space needed to queue the datagrams for output to the next network on the route to the destination network.
ZyAIR G-1000 Access Point User’s Guide Chart 24 Sys log LOG MESSAGE Mon dd hr:mm:ss hostname src="" dst="" msg="" note="" DESCRIPTION This message is sent by the "RAS" when this syslog is generated. The messages and notes are defined in this appendix’s other charts. Log Commands Go to the command interpreter interface (the Command Interpreter Appendix explains how to access and use the commands).
ZyAIR G-1000 Access Point User’s Guide Use the sys logs clear command to erase all of the ZyAIR’s logs. Log Command Example This example shows how to set the ZyAIR to record the error logs and alerts and then view the results. ras> sys logs load ras> sys logs category error 3 ras> sys logs save ras> sys logs display access # .time notes source destination message 0|11/11/2002 15:10:12 |172.22.3.80:137 |ACCESS BLOCK |172.22.255.255:137 Firewall default policy: UDP(set:8) 1|11/11/2002 15:10:12 |172.21.
ZyAIR G-1000 Access Point User’s Guide Appendix L Power Adaptor Specifications NORTH AMERICAN PLUG STANDARDS AC Power Adaptor Model AD48-1201200DUY Input Power AC120Volts/60Hz/0.25A Output Power DC12Volts/1.2A Power Consumption 10 W Safety Standards UL, CUL (UL 1950, CSA C22.2 No.234-M90) NORTH AMERICAN PLUG STANDARDS AC Power Adaptor Model DV-121A2-5720 Input Power AC120Volts/60Hz/27VA Output Power DC12Volts/1.2A Power Consumption 10 W Safety Standards UL, CUL (UL 1310, CSA C22.2 No.
ZyAIR G-1000 Access Point User’s Guide JAPAN PLUG STANDARDS AC Power Adaptor Model JOD-48-1124 Input Power AC100Volts/ 50/60Hz/ 27VA Output Power DC12Volts/1.2A Power Consumption 10 W Safety Standards T-Mark (Japan Dentori) AUSTRALIA AND NEW ZEALAND PLUG STANDARDS AC Power Adaptor Model AD-1201200DS or AD-121200DS Input Power AC240Volts/50Hz/0.2A Output Power DC12Volts/1.
ZyAIR G-1000 Access Point User’s Guide Appendix M Index Customer Support .......................................................v A Address Assignment................................................7-1 Ad-hoc Configuration............................................. C-2 Alternative Subnet Mask Notation ......................... G-3 Antenna ...................................................................2-3 Directional ..........................................................F-2 Omni-directional .....
ZyAIR G-1000 Access Point User’s Guide Front Panel...............................................................2-1 FTP ........................................................................19-3 Restrictions........................................................19-3 FTP File Transfer...................................................17-7 Management Information Base (MIB) .................. 14-2 MD5 ........................................................................E-1 Message Digest Algorithm 5...
ZyAIR G-1000 Access Point User’s Guide Example ..............................................................5-7 Requirements ......................................................5-7 RTS Threshold ...............................................5-3, 12-3 S Server ......................................................................4-5 Service....................................................................... iv Service Set...............................................................