ZyXEL AG-200 User’s Guide ZyXEL AG-200 802.11a/b/g Wireless USB 2.0 Adapter User's Guide Version 1.
ZyXEL AG-200 User’s Guide Copyright Copyright ©2004 by ZyXEL Communications Corporation The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
ZyXEL AG-200 User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two (2) years from the date of purchase.
ZyXEL AG-200 User’s Guide Federal Communications Commission (FCC) 1 Interference Statement The device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations. This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules.
ZyXEL AG-200 User’s Guide Customer Support When contacting your Customer Support Representative, please have the following information ready: ¾ Product model and serial number. ¾ Warranty Information. ¾ Date you received your product. ¾ Brief description of the problem and the steps you took to solve it. METHOD SUPPORT E-MAIL SALES E-MAIL TELEPHONE2 FAX 2 WEB SITE REGULAR MAIL FTP SITE LOCATION WORLDWIDE NORTH AMERICA 2 support@zyxel.com.tw +886-3-578-3942 www.zyxel.com www.europe.zyxel.
ZyXEL AG-200 User’s Guide Table of Contents Copyright....................................................................................................................................................... ii ZyXEL Limited Warranty..........................................................................................................................iii Federal Communications Commission (FCC) Interference Statement .................................................. iv Customer Support .....................
ZyXEL AG-200 User’s Guide 2.4 RTS/CTS Threshold......................................................................................................................2-8 2.5 Authentication Type .....................................................................................................................2-9 Chapter 3 Maintenance .............................................................................................................................3-1 3.1 The Version Screen ...................
ZyXEL AG-200 User’s Guide Preface Congratulations on the purchase of your new ZyXEL AG-200! About This User's Guide This manual provides information about the ZyXEL Wireless LAN Utility. Syntax Conventions • “Type” or “Enter” means for you to type one or more characters. "Select" or "Choose" means for you to use one of the predefined choices. • Mouse action sequences are denoted using a comma.
ZyXEL AG-200 User’s Guide Graphics Icons Key Wireless Access Point Computer Notebook computer Modem Wireless Signal Switch Router Server Telephone Preface ix
ZyXEL AG-200 User’s Guide Chapter 1 Getting Started This chapter introduces the ZyXEL AG-200 and prepares you to use the ZyXEL Utility. 1.1 About Your ZyXEL AG-200 The ZyXEL AG-200 is an IEEE 802.11a, 802.11b, and 802.11g compliant wireless LAN adapter. With the ZyXEL AG-200, you can enjoy wireless mobility within almost any wireless networking environment. The following lists the main features of your ZyXEL AG-200. • • • • • • • • • 1.2 Your ZyXEL AG-200 can communicate with other IEEE 802.
ZyXEL AG-200 User’s Guide Double-clicking on the icon will display the following ZyXEL utility window. Each of the pages (Network, Profile, Site Survey, Options, Version) presented in the ZyXEL Utility are explained in the following sections.
ZyXEL AG-200 User’s Guide 1.3.1 Network This page shows how the network is presently configured: network mode, information on the connected AP, TCP/IP, etc. This information cannot be modified in the Network screen. The “Current Status” (lower) window shows the signal quality, signal strength, channel, etc. between the client and AP. It is always in view regardless of which page (Network, Profile, Search, Option, Version) is selected within the ZyXEL Utility.
ZyXEL AG-200 User’s Guide 1.3.2 Profile This page is used to manage connections with Access Points. You can create different configuration profiles for connections with different APs and SSIDs. The advantage of saving different profiles is the easiness of quickly changing connections without having to configure the PC with every single variable each time a connection change is made.
ZyXEL AG-200 User’s Guide 1) Click on [Add] and the following screen will appear. 2) On this screen you will insert some basic settings for your wireless network. a. [Profile Name] Enter in a descriptive name for this profile. b. [Network Mode] If connecting to an access point or wireless router, choose “Infrastructure” 3. If you are going to network one computer directly to another computer without an access point, then choose “Ad-Hoc”4. c.
ZyXEL AG-200 User’s Guide then click on [Add to Profile]. If the access point you choose has encryption enabled, a window will pop up reminding you to enter the encryption information on the next page. If your access point is not listed, close the [Site Survey] window, and type the name of the SSID into the [SSID] field. d. Click [Next]. The following screen will appear. This screen will vary in appearance depending on whether any encryption was detected with your access point.
ZyXEL AG-200 User’s Guide a. Click [Next]. The following screen will appear. 4) On this screen you will configure the wireless modes supported by this profile. a. Under [Frequency Band], put a check mark next to each wireless protocol you want this profile to support. If you are unsure of which protocol to choose, leave all checked. b. For [802.11g Configuration] leave all settings at default unless instructed by your network administrator to change them.
ZyXEL AG-200 User’s Guide c. Click [Next]. The following screen will appear. 5) Final Step a. Uncheck the box [Apply this profile now] if you do not want to activate this profile at this time. b. Click [Save] to complete the wizard and save the profile you have just created. Remove To remove a profile from the “Profile List” select it and then click on [Remove]. Apply If you want to change the current profile with another profile from the “Profile List”, select the desired profile and click on [Apply].
ZyXEL AG-200 User’s Guide Each page in [Properties] is explained below.
ZyXEL AG-200 User’s Guide Basic Settings: In this page, you can verify the name of the current profile. [Profile Name] Allows you to change the name of the current profile. [Network Mode] Allows you to change between Infrastructure and Ad-Hoc networking modes. [SSID] Allows you to change the SSID that this profile will associate with. Use the [Browse] button to perform a site survey and select the SSID from a list of available SSIDs.
ZyXEL AG-200 User’s Guide Advanced Settings: This screen allows you to make changes to the default ways the adapter operates including advanced 802.11 settings. Unless you are an advanced user and have deep knowledge about each property on this page, it is recommended that you leave them at the default settings.
ZyXEL AG-200 User’s Guide WLAN Security: This screen allows you to configure the security settings of your wireless LAN. Security Mode 1) No Encryption All data sent between the AP and the client is left unencrypted and may be viewed by other wireless devices. 2) WEP Wired Equivalent Privacy – Encrypts all traffic sent between the AP and the client using a shared key.
ZyXEL AG-200 User’s Guide To learn more about WPA please see Chapter 2. 4) WPA-PSK WPA-PSK is a compromise between WPA and WEP. Like WEP, it uses a pre-shared key that every user of the network must have in order to be able to send and receive data. Like WPA, it uses either TKIP or AES, which improve greatly over the encryption found in WEP. We recommend you use WPA or WPA-PSK whenever possible. Frequency Band: This screen lets you define which 802.11 wireless standards to try to connect to.
ZyXEL AG-200 User’s Guide Chipset Features: This screen allows you to configure advanced features built into the wireless chipset. [Tx Power Level] Allows you to adjust the output power of your radio. Reducing output power can reduce power usage of your laptop and will limit the distance that your wireless signal will reach. [Antenna Diversity] Defines whether to use both internal antennas. Antenna Diversity usually provides a higher quality connection. [Super A] Support for Atheros 108Mbps Super A mode.
ZyXEL AG-200 User’s Guide TCP/IP: This allows you to change your TCP/IP settings. [Use IP Changer] By putting a checkmark in the box, you will overwrite your existing WLAN TCP/IP configuration and use the IP Changer software built-into the ZyXEL Utility. This allows you to configure TCP/IP settings for each profile.
ZyXEL AG-200 User’s Guide 1.3.3 Site Survey This page shows a list of SSIDs in your vicinity. Information regarding each SSID is also shown: SSID, mode, signal strength, channel, BSSID (MAC address), data rate, and WEP/WPA status. Refresh [Refresh] will scan the vicinity for a certain amount of time and display the scan results. Strong Scan [Strong Scan] will continuously scan the vicinity every 2.5 seconds until you click on [Stop], which appears in place of [Strong Scan] when scanning.
ZyXEL AG-200 User’s Guide Selecting a network from the [Available Networks] list will enable the [Detail Info], [Connect] and [Add to profile] buttons. Detail Info [Detail info] will display the following screen showing the selected device's configuration information. An alternative to clicking on [Detail info] is double-clicking on the SSID of choice.
ZyXEL AG-200 User’s Guide Connect [Connect] will immediately connect you with the selected network.
ZyXEL AG-200 User’s Guide 1.3.4 Options In this page you can configure the behavior of the ZyXEL utility. Launch at windows startup Selecting this option will automatically start the ZyXEL Utility program whenever you start Windows. Auto DHCP renewal Automatically renews the DHCP information after changing profiles. Auto-Profile Selection Allows you to define the behavior of the auto-profile selection algorithm. Click [Settings] to configure. See following screen shot for options.
ZyXEL AG-200 User’s Guide 1-20 Getting Started
ZyXEL AG-200 User’s Guide 1.3.5 Version Software and Hardware information of the current client device.
ZyXEL AG-200 User’s Guide Chapter 2 Wireless LAN Networking This chapter provides background information on general wireless LAN networking technology and terminology. 2.1 Overview This section describes the wireless LAN network terms and applications. 2.1.1 SSID The SSID (Service Set Identity) is a unique name shared among all wireless devices in a wireless network. Wireless devices must have the same SSID to communicate with each other. 2.1.
ZyXEL AG-200 User’s Guide Ad-Hoc (IBSS) Ad-hoc mode does not require an AP or a wired network. Two or more wireless stations communicate directly to each other. An ad-hoc network may sometimes be referred to as an Independent Basic Service Set (IBSS). Figure 2-1 IBSS Example To set up an ad-hoc network, configure all wireless stations in ad-hoc network type and use the same SSID and channel.
ZyXEL AG-200 User’s Guide Figure 2-3 Infrastructure Network Example 2.1.5 Roaming In an infrastructure network, wireless stations are able to switch from one BSS to another as they move between the coverage areas. During this period, the wireless stations maintain uninterrupted connection to the network. This is roaming. As the wireless station moves from place to place, it is responsible for choosing the most appropriate AP depending on the signal strength, network utilization or other factors.
ZyXEL AG-200 User’s Guide Figure 2-4 Roaming Example 2.2 Wireless LAN Security Wireless LAN security is vital to your network to protect wireless communication between wireless stations and the wired network. The figure below shows the possible wireless security levels on your ZyXEL AG-200. EAP (Extensible Authentication Protocol) is used for authentication and utilizes dynamic WEP key exchange.
ZyXEL AG-200 User’s Guide Configure the wireless LAN security using the Profile Security Settings screen. If you do not enable any wireless security on your ZyXEL AG-200, the ZyXEL AG-200’s wireless communications are accessible to any wireless networking device that is in the coverage area. 2.2.1 Data Encryption with WEP WEP (Wired Equivalent Privacy) encryption scrambles all data packets transmitted between the ZyXEL AG-200 and the AP or other wireless stations to keep network communications private.
ZyXEL AG-200 User’s Guide User Authentication WPA applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database. Therefore, if you don’t have an external RADIUS server, you should use WPA-PSK (WPA -Pre-Shared Key) that only requires a single (identical) password entered into each access point, wireless gateway and wireless client. As long as the passwords match, a client will be granted access to a WLAN.
ZyXEL AG-200 User’s Guide Step 4. The AP and wireless clients use the TKIP encryption process to encrypt data exchanged between them. Figure 2-6 WPA-PSK Authentication 2.2.5 WPA with RADIUS Application Example You need the IP address of the RADIUS server, its port number (default is 1812), and the RADIUS shared secret. A WPA application example with an external RADIUS server looks as follows. “A” is the RADIUS server. “DS” is the distribution system. Step 1.
ZyXEL AG-200 User’s Guide Figure 2-7 WPA with RADIUS Application Example 2.3 Fragmentation Threshold The Fragmentation Threshold is the maximum data fragment size (between 256 and 2432 bytes) that can be sent in the wireless network before the ZyXEL AG-200 will fragment the packet into smaller data frames. A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference.
ZyXEL AG-200 User’s Guide Figure 2-8 RTS Threshold When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations. RTS/CTS Threshold is designed to prevent collisions due to hidden nodes.
ZyXEL AG-200 User’s Guide Open authentication mode is implemented for ease-of-use and when security is not an issue. The wireless station and the AP do not share a secret key. Thus the wireless stations can associate with any AP and listen to any data transmitted plaintext. Shared authentication mode involves a shared secret key to authenticate the wireless station to the AP. This requires you to enable the wireless LAN security and use same settings on both the wireless station and the AP.
ZyXEL AG-200 User’s Guide Chapter 3 Maintenance This chapter describes how to uninstall or upgrade the ZyXEL Utility. 3.1 The Version Screen The Version screen displays related version numbers of the ZyXEL AG-200. The following table describes the read-only fields in this screen.
ZyXEL AG-200 User’s Guide About LABEL DESCRIPTION Package Version This field displays the version number of the combination driver/utility package. Driver Version This field displays the version number of the ZyXEL driver. Utility Version This field displays the version number of the ZyXEL utility. 3.2 Uninstalling the ZyXEL Utility Follow the steps below to remove (or uninstall) the ZyXEL Utility from your computer. Step 1. Click Start, Programs, ZyXEL ZyAIR SW, Uninstall. Step 2.
ZyXEL AG-200 User’s Guide 3.3 Upgrading the ZyXEL Utility Before you uninstall the ZyXEL Utility, take note of the current network configuration. To perform the upgrade, follow the steps below. Step 1. Download the latest version of the utility from the ZyXEL web site and save the file on your computer. Step 2. Follow the steps in Section 3.2 to remove the current ZyXEL Utility from your computer. Step 3. Restart your computer if prompted. Step 4.
ZyXEL AG-200 User’s Guide Chapter 4 Configuring Wireless Security This chapter covers the configuration of security options in the ZyXEL Utility. 4.1 Configuring Security You can configure your security settings at any time. Simply select the profile you wish to edit under the [Profile] tab, select [Properties] and then choose [WLAN Security]. You are also presented with the option to configure security during the profile creation process.
ZyXEL AG-200 User’s Guide 1. 2. 3. Select [WEP] under [Security Mode] Put a check mark next to [Using Static WEP] Click [Config]. You will then see the screen below. 4. [WEP Method] Select the correct encryption level to match your access point. Either 64, 128, or 152-bit. The encryption level set her must match the encryption level used by your access point. a. [Authentication] You can choose between Auto, Open System, and Shared. Please see section 2.
ZyXEL AG-200 User’s Guide Manual Input (Hexadecimal): You generate your own WEP Key using hexadecimal characters (10 characters for 64-bit, 26 characters for 128-bit, 32 characters for 152-bit). 5. 6. 4.3 1. 2. 3. Click [OK] to save your settings and return to the previous screen. If you want to use 802.1x authentication with WEP, you will need to configure your 802.1x settings. Please see section 4.5 for details on configuring 802.1x. Configuring WPA-PSK Select [WPA-PSK] under [Security Mode].
ZyXEL AG-200 User’s Guide 4.4 1. 2. 3. 4.5 1. 2. Configuring WPA Select [WPA-PSK] under [Security Mode]. Select [Encryption method]. You can choose between TKIP or AES. Most access points use TKIP for WPA. See section 4.5 for configuring 802.1x for WPA. Configuring 802.1x Choose the EAP method under [Authentication protocol]. Depending on the EAP method chosen the options under [User Information] will change. 4.5.1 Configuring 802.1x – EAP-MD5 1. 2. 4-4 EAP-MD5 is only a choice when use WEP.
ZyXEL AG-200 User’s Guide 4.5.2 Configuring 802.1x – EAP-LEAP 1. Enter in unique User ID and Password under [User Information] 4.5.3 Configuring 802.1x – EAP-PEAP 1. 2. 3. 4. 5. Click [Config] under [Authentication protocol] Select inner PEAP protocol. You choices are [MS-CHAP v2] or [TLS]. Click [OK] to finish and return to the previous screen. Enter in unique User ID and Password under [User Information]. If using a user6 or server certificate click [Config certificate].
ZyXEL AG-200 User’s Guide [Use user certificate]: Put a check in the box to activate user certificate. Then select certificate from the pull down menu. [Validate server certificate]: Put a check in the box to activate server certificate. Then select the certificate authority from the pull down menu. [Server name]: Name of server used for 802.1x authentication. [Server name should match exactly]: Check this box to force server name to match exactly the name in the certificate. 6.
ZyXEL AG-200 User’s Guide 4.5.4 Configuring 802.1x – EAP-TLS 1. 2. 3. Enter in unique User ID and Password under [User Information]. TLS requires you to configure both a server and user7 certificate. Click [Config certificate]. The following window appears: 7 You must first have a wired connection to a network and obtain the certificate(s) from a certificate authority (CA). Consult your network administrator for more information.
ZyXEL AG-200 User’s Guide [Use user certificate]: Put a check in the box to activate user certificate. Then select certificate from the pull down menu. [Validate server certificate]: Put a check in the box to activate server certificate. Then select the certificate authority from the pull down menu. [Server name]: Name of server used for 802.1x authentication. [Server name should match exactly]: Check this box to force server name to match exactly the name in the certificate. 4.
ZyXEL AG-200 User’s Guide 4.5.5 Configuring 802.1x – EAP-TTLS 1. 2. 3. 4. Enter in unique User ID and Password under [User Information]. Select inner TTLS protocol. You can choose between [PAP], [CHAP], [MS-CHAP], [MS-CHAP v2], or [MD5-Challenge]. Click [OK] to finish and return to the previous screen. Click [Config certificate].
ZyXEL AG-200 User’s Guide [Use user certificate]: Put a check in the box to activate user certificate. Then select certificate from the pull down menu. [Validate server certificate]: Put a check in the box to activate server certificate. Then select the certificate authority from the pull down menu. [Server name]: Name of server used for 802.1x authentication. [Server name should match exactly]: Check this box to force server name to match exactly the name in the certificate. 5.
ZyXEL AG-200 User’s Guide Chapter 5 Troubleshooting This chapter covers potential problems and possible remedies. After each problem description, some instructions are provided to help you diagnose and solve the problem. 5.1 Problems Starting the ZyXEL Utility Program Table 5-1 Troubleshooting Starting ZyXEL Utility Program PROBLEM Cannot start the ZyXEL Wireless LAN Utility CORRECTIVE ACTION Make sure the ZyXEL AG-200 is properly plugged in your USB port and the LED(s) is on.
ZyXEL AG-200 User’s Guide 5.3 Problems Communicating With Other Computers Table 5-3 Troubleshooting Communication Problems PROBLEM The ZyXEL AG-200 computer cannot communicate with the other computer. A. B. 5-2 Infrastructure Ad-Hoc (IBSS) CORRECTIVE ACTION Make sure you are connected to the network. Make sure that the AP and the associated computers are turned on and working properly. Make sure the ZyXEL AG-200 computer and the associated AP use the same SSID.
ZyXEL AG-200 User’s Guide Appendix A Types of EAP Authentication This appendix discusses the five popular EAP authentication types: EAP-MD5, EAP-TLS, EAP-TTLS, PEAP and LEAP. The type of authentication you use depends on the RADIUS server. Consult your network administrator for more information. EAP-MD5 (Message-Digest Algorithm 5) MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless station.
ZyXEL AG-200 User’s Guide LEAP LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE802.1x. For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption. They are often deployed in corporate environments, but for public deployment, a simple user name and password pair is more practical. The following table is a comparison of the features of five authentication types.