Page 1
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA BETA December 2005...
NOTE: In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice. NETGEAR does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein.
Declaration of Conformity Operation is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. To assure continued compliance, any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment.
Page 4
In addition to its own antenna, the WG302 device has been approved for use with the following detachable antennas and antenna cables. Approved Antenna Gain and Approved Antenna Antenna Cable Antennas type Cable Length NETGEAR 14 dBi, directional NETGEAR ACC-10314- 30 m ANT24D18 outdoor/indoor 01 thru 05 NETGEAR 8.5 dBi, NETGEAR ACC-10314- 10 m ANT2409 omnidirectional 01 thru 05...
Contents Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Chapter 1 About This Manual Audience, Scope, Conventions, and Formats ..............1-1 How to Use This Manual ....................1-2 How to Print this Manual ....................1-2 Chapter 2 Introduction About the NETGEAR ProSafe 802.11g Wireless Access Point WG302 ......2-1 Key Features ........................2-2...
Page 10
Basic IP Settings ......................3-10 Wireless Settings ......................3-11 Security Profiles ......................3-13 Before You Change the SSID and WEP Settings ..........3-17 Setting up and Testing Basic Wireless Connectivity .............3-18 Configuring the Radius Server Settings ...............3-19 Configuring Network Authentication ................3-20 Entering WEP Data Encryption Keys ................3-21 Restricting Wireless Access by MAC Address .............3-21 Chapter 4 Management...
Page 11
Wi-Fi Multimedia (WMM) Setup ................5-6 Hotspot Settings .......................5-6 Configuring Wireless LAN Parameters ..............5-7 Wireless Bridging and Repeating ...................5-8 Point-to-Point Bridge Configuration ................5-10 Multi-Point Bridge Configuration ................5-11 Repeater with Wireless Client Association .............5-12 Configuring NAT ......................5-14 Configuring QoS Queues .....................5-14 Setting up Guest Access ....................5-15 Chapter 6 Troubleshooting...
Page 12
WPA and WPA2 Wireless Security .................8-8 How Does WPA Compare to WEP? .................8-9 How Does WPA Compare to WPA2 (IEEE 802.11i)? ..........8-9 What are the Key Features of WPA and WPA2 Security? ........8-9 Is WPA/WPA2 Perfect? ..................8-15 Product Support for WPA/WPA2 ................8-15 Appendix C Command Line Reference Configurable CLI and Web UI Settings Comparison ............9-1...
This reference manual assumes that the reader has basic to intermediate computer and Internet skills. However, basic computer network, Internet, firewall, and VPN technologies tutorial information is provided on the NETGEAR website. This guide uses the following typographical conventions: Table 1-1. Typographical Conventions...
• button to access the full NETGEAR, Inc. online knowledge base for the product model. • Links to PDF versions of the full manual and individual chapters.
Page 15
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 — Click the PDF of This Chapter link at the top right of any page in the chapter you want to print. The PDF version of the chapter you were viewing opens in a browser window.
Page 16
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 About This Manual v0.1, December 2005...
About the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The NETGEAR ProSafe 802.11g Wireless Access Point WG302 is the basic building block of a wireless LAN infrastructure. It provides connectivity between Ethernet wired networks and radio-equipped wireless notebook systems, desktop systems, print servers, and other devices.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Key Features The WG302 Wireless Access Point is easy-to-use and provides solid wireless and networking support. Supported Standards and Conventions The following standards and conventions are supported: • Standards Compliant. The Wireless Access Point complies with IEEE 802.11g standards for Wireless LANs.
Page 19
• Power over Ethernet. Power can be supplied to the WG302 over the Ethernet port from any 802.3af compliant mid-span or end-span source such as the NETGEAR FSM7326P Managed Power over Ethernet Layer 3 managed switch. • Autosensing Ethernet Connection with Auto Uplink Interface. Connects to 10/100 Mbps IEEE 802.3 Ethernet networks.
802.11 WLANs practical, efficient, and cost-effective. 802.11g Standards-based Wireless Networking The NETGEAR ProSafe 802.11g Wireless Access Point WG302 provides a bridge between Ethernet wired LANs and 802.11g compatible wireless LAN networks. It provides connectivity between Ethernet wired networks and radio-equipped wireless notebook systems, desktop systems, print servers, and other devices.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The WG302 also supports the following wireless features: • Distributed coordinated function (CSMA/CA, Back off procedure, ACK procedure, retransmission of unacknowledged frames) • RTS/CTS handshake • Beacon generation •...
Support Information card, along with the original packing materials, and use the packing materials to repack the WG302 if you need to return it for repair. To qualify for product updates and product warranty registrations, we encourage you to register on the NETGEAR Web site at: http://www.NETGEAR.com.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Hardware Description This section describes the WG302 front and rear hardware functions. Front Panel Figure 2-1 Viewed from left to right, the WG302 has these status LEDs: PWR, TEST, LAN, and 802.11g WLAN.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Description 802.11g WLAN Wireless LAN Link Activity Indicator (2.4 MHz) No wireless link activity. Green Blink Wireless link activity. Rear Panel Figure 2-2 Viewed from left to right, the back of the WG302 provides the following: 1.
Chapter 3 Basic Installation and Configuration This chapter describes how to set up your NETGEAR ProSafe 802.11g Wireless Access Point WG302 for wireless connectivity to your LAN. This basic configuration enables computers with 802.11b or 802.11g wireless adapters to do such things as connect to the Internet or access printers and files on your LAN..
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 For best results, place your wireless access point: • Near the center of the area in which your PCs operate. • In an elevated location such as a high shelf where the wirelessly connected PCs have line-of-sight access (even if through walls).
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Feature Factory Default Settings IP Configuration IP Address: 192.168.1.128 Subnet Mask: 255.255.255.0 Gateway: 0.0.0.0 802.11g Network Name (SSID) NETGEAR-0 Broadcast Network Name (SSID) Enabled 802.11g Radio Frequency Channel Managed automatically by AutoCell (default), if AutoCell is...
Page 28
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 WG302 Figure 3-1 There are several ways you can enhance the security of your wireless network: • Restrict Access Based on MAC address. You can restrict access to only trusted PCs so that unknown PCs cannot wirelessly connect to the WG302.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Use AutoCell Enhanced RF Security ‘Stealth Mode.’ In addition to standard encryption and security mechanisms such as WEP and WPA, the WG302 AutoCell feature provides self-organizing micro cells for an additional level of privacy for enterprises. In this mode, AutoCell shrinks the size of coverage to the minimum to reach clients but also shrinks the size of the beacons that access points use to announce their presence.
Page 30
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 – When prompted, enter admin for the user name, and password for the password, both in lower case letters. The Web browser displays the WG302 main menu and General page, as shown below.
Page 31
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 b. Click the Basic Settings link to view the Basic Settings menu. c. Configure the settings for your network and click Apply. Figure 3-3 d. Click Wireless Settings in the Setup section of the main menu to view the Wireless Settings menu.
Page 32
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Now that you have finished the setup, you are ready to deploy the WG302 in your network. If needed, you can now reconfigure the computer you used for this process back to its original TCP/IP settings.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Logging in to the WG302 Using Its Default IP Address The default IP address of your access point is 192.168.1.128. The WG302 is set, by default, for the DHCP client to be disabled.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Basic IP Settings To configure the basic settings of your wireless access point, click Basic Settings in the Setup section of the WG302 main menu. The Basic Settings menu appears, as shown in Figure 3-7.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • IP Subnet Mask. Enter the subnet mask value used on your LAN (factory default: 255.255.255.0). • Default Gateway. Enter the IP address of the Gateway for your LAN. For more complex networks, enter the address of the router for the network segment to which the wireless access point is connected (factory default: 0.0.0.0).
Page 36
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The Wireless Settings menu options are discussed below. Note: Channel selection and power management are automatically adjusted by the AutoCell Auto RF Management option. The Auto RF Management option is enabled by default.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 – In “Infrastructure” mode, wireless stations normally scan all channels, looking for an access point. If more than one access point can be used, the one with the strongest signal is used.
Page 38
SSID. The WG302 default SSID is: NETGEAR-0 for the first profile, NETGEAR-1 for the second, and so on. You can enter a value of up to 32 alphanumeric characters. Some concepts regarding the SSID are explained below: –...
Page 39
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • If you are using Access Point mode, then all options are available. In other modes such as Repeater or Bridge, some options may be unavailable. • Not all wireless adapters support WPA or WPA2. Windows XP and Windows 2000 with Service Pack 3 do include the client software that supports WPA.
Page 40
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Data Encryption Settings 128 bits WEP Standard WEP encryption, using 104/128 bit encryption. 152 bits WEP Proprietary mode that will only work with other wireless devices that support this mode.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Before You Change the SSID and WEP Settings For a new wireless network, print or copy this form and fill in the settings. For an existing wireless network, the person who set up or is responsible for the network can provide this information. Be sure to set the Regulatory Domain correctly as the first step.
The default SSID is NETGEAR-0. Note: The SSID of any wireless access adapters must match the SSID you configure in the NETGEAR ProSafe 802.11g Wireless Access Point WG302. If they do not match, you will not get a wireless connection to the WG302.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Configuring the Radius Server Settings Use the following steps to view or change the Radius Server Settings. 1. Connect to the WG302. In the address field of your Web browser, enter the default LAN address of http://192.168.1.128.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Update if any station disassociates. Select this option to refresh global key when any stations disassociated with wireless Access Point. • Accounting Radius Server Configuration. This configuration is required for accounting using Radius Server.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Note: You can use WEP with Open System or Shared Key. Choose the encryption strength, and then enter the Keys as explained in “Entering WEP Data Encryption Keys” on page 3-21 e.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Note: When configuring the WG302 from a wireless computer whose MAC address is not in the access control list, if you select Turn Access Control On, you will lose your wireless connection when you click Apply. You must then access the wireless access point from a wired computer or from a wireless computer which is on the access control list to make any further changes.
Page 47
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 You can usually find the MAC address printed on the wireless adapter. Click Add to add the wireless device to the access list. Repeat these steps for each additional device you want to add to the list.
Page 48
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 3-24 Basic Installation and Configuration v0.1, December 2005...
Chapter 4 Management This chapter describes how to use the management features of your NETGEAR ProSafe 802.11g Wireless Access Point WG302. To get to these features, connect to the WG302 as described in “Logging in to the WG302 Using Its Default IP Address” on page 3-9.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Public Community Name: The community string to allow the SNMP manager to read the wireless access point's MIB objects. The default is public. • Private Community Name: The community string to allow the SNMP manager to read and write the wireless access point's MIB objects.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 3. Press the return key, and the screen below should appear. Figure 4-2 The login name is admin and password is the default password. After successful login, the screen should show the (Access Point Name)> prompt. In this example, the prompt is netgear74F35E.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • IP address to Receive Traps. Enter the IP address of the SNMP manager to receive traps sent from the wireless Access Point. If you don't want Traps to be sent, leave this at the default value of 0.0.0.0...
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Port: The port number configured in the SysLog server on your LAN. The default is 514 The Activity Log Window displays the Access Point system activity. You can click Refresh to update the display. To save the log contents into a file on your PC, click Save As and save the file to a disk drive.
Page 54
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Table 4-1. General Information Fields Field Description Access Point Information Access Point Name The name of the access point, which you can configure. (NetBIOS name) Country/Region The domain or region for which the wireless access point is licensed for use.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Viewing Statistics The Statistics screen provides LAN and WLAN statistics. From the WG302 main menu, click Statistics under the Information heading to view the screen shown in Figure 4-5.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Viewing the Available Wireless Station List The Available Wireless Station List contains a table of all IP devices associated with the wireless access point for the Wired Network Name (SSID).
The WG302 Wireless Access Point firmware is stored in FLASH memory and can be upgraded as new firmware is released by NETGEAR. You can download the upgrade files from the NETGEAR Web site. If the upgrade file is compressed (.ZIP file), you must first extract the image (.IMG) file before you send it to the wireless access point.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 5. Click Upload. When the upload completes, your wireless access point automatically restarts. The upgrade process typically takes about one minute. In some cases, you may need to reconfigure the wireless access point after upgrading.
After you erase the configurations, the wireless access point’s password will be password, the SSID will be NETGEAR, the DHCP client will be disabled, the default LAN IP address will be 192.168.1.128, and the access point name is reset to the name printed on the label on the bottom of the unit.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Changing the Administrator Password The default password is password. NETGEAR recommends that you change this password to a more secure password. You cannot change the administrator login name. From the WG302 main menu, click Change Password to go to the menu shown below.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 AutoCell Rogue AP Detection The AutoCell feature provides added security. It can detect rogue APs and wireless stations and exclude them from connecting to the WG302 Wireless Access Point.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 AutoCell Rogue Station Detection The AutoCell feature provides added security. It can detect rogue APs and wireless stations and exclude them from connecting to the WG302 Wireless Access Point.
Chapter 5 Advanced Configuration This chapter describes how to configure the advanced features of your NETGEAR ProSafe 802.11g Wireless Access Point WG302. The following list describes the advanced features: • IP Settings: Use the AP as a DHCP server for wireless clients.
Page 64
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The following list provides information about how to configure DHCP settings. • Use AP as DHCP Server: You may turn on this option and the Access Point will function as a DHCP Server for Wireless Clients only.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Configuring Advanced Wireless LAN Settings This section describes the advanced wireless settings menu, which enables configuration of the following features: • AutoCell RF management • Wi-Fi multimedia (WMM) setup •...
Page 66
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 AutoCell AP/Client Interaction AutoCell’s self-organizing micro cells provide performance benefits and an additional level of privacy for enterprises. • Automatic Transmit Power Control. An AP with AutoCell enabled coordinates the RF transmit power level of AutoCell-enabled clients.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 AutoCell Configuration Options There are three AutoCell configuration setting choices: • Auto RF Management: Enabled by default. • Enhanced RF Security: Disabled by default. • Rogue Device Detection: Disabled by default.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Wi-Fi Multimedia (WMM) Setup WMM is a subset of the 802.11e standard. WMM allows wireless traffic to have a range of priorities, depending on the kind of data. Time-dependent information, such as video or audio, will have a higher priority than normal traffic.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Configuring Wireless LAN Parameters The default advanced wireless LAN parameter settings usually work well. If you want the AP to operate in Super-G mode, use this feature. Figure 5-5 Table 5-1 describes the advanced wireless parameters.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Wireless Bridging and Repeating The WG302 Wireless Access Point lets you build large bridged wireless networks. Note: All bridge mode options are not available when AutoCell Auto RF Management is enabled (the default setting).
Page 71
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Repeater with Wireless Client Association. Sends all traffic to the remote AP. See “Repeater with Wireless Client Association” on page 5-12. These configurations can be set up from the Advanced Access Point Settings menu, shown to the right.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Point-to-Point Bridge Configuration In Point-to-Point Bridge mode, the WG302 communicates with another bridge-mode wireless station. In addition, you can enable client associations with this WG302. You must enter the MAC address of the other bridge-mode wireless station in the field provided.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Multi-Point Bridge Configuration Set up a Multi-Point Bridge only if this WG102 is the “master” for a group of bridge-mode wireless stations. Then all traffic is sent to this “master,” rather than to the other access points. In addition, you can enable client associations with this WG302.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Configure the WG302 (AP3) on LAN 3 in Point-to-Point Bridge mode with the Remote MAC Address of AP1. 2. Verify the following for all access points: • The LAN network configuration of the WG302 Wireless Access Points are configured to operate in the same LAN network address range as the LAN devices •...
Page 75
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • You cannot configure a sequence of parent/child APs. You are limited to only one parent/child AP pair. The figure below shows an example of a Repeater Mode configuration.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • All WG302 Wireless Access Points use the same SSID, Channel, authentication mode, if any, and encryption in use. 3. Verify connectivity across the LANs. A computer on any LAN segment should be able to connect to the Internet or share files and printers with any other PCs or servers connected to any of the three WLAN segments.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 QoS on the access point leverages existing information in the packet header related to Type of Service (ToS). The access point examines the ToS field in the headers of all packets that pass through the AP.
Page 78
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 5-16 Advanced Configuration v0.1, December 2005...
If it is plugged directly into the wall, verify that it is not a switched outlet. • Make sure you are using the correct NETGEAR power adapter supplied with your access point. Troubleshooting...
• Make sure the antennas are tightly connected to the WG302. • Contact NETGEAR technical support if the Wireless LAN activity light remains off. The LAN light is not lit. There is a hardware connection problem. Check these items: •...
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 I cannot connect to the WG302 to configure it. Check these items: • The WG302 is properly installed, LAN connections are OK, and it is powered on. Check that the LAN port LED is on (amber indicating a 10 Mbps Ethernet connection or green indicating a 100 Mbps Ethernet connection) to verify that the Ethernet connection is OK.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Using the Reset Button to Restore Factory Default Settings The Reset button (see “Rear Panel” on page 2-8) has two functions: • Reboot. When pressed and released quickly, the WG302 will reboot (restart).
Appendix A Specifications Parameter NETGEAR ProSafe 802.11g Wireless Access Point WG302 Network Management Web-based configuration and status monitoring Maximum Clients Limited by the amount of wireless network traffic generated by each node; typically 30 to 70 nodes. Status LEDs Power/Ethernet LAN/Wireless LAN/Test...
Page 84
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Specifications v0.1, December 2005...
Appendix B Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The WG302 Wireless Access Point conforms to the Institute of Electrical and Electronics Engineers (IEEE) 802.11b and 802.11g standards for wireless LANs (WLANs). On an 802.11b or g wireless link, data is encoded using direct-sequence spread-spectrum (DSSS) technology and is transmitted in the unlicensed radio spectrum at 2.5GHz.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Ad Hoc Mode (Peer-to-Peer Workgroup) In an ad hoc network, computers are brought together as needed; thus, there is no structure or fixed points to the network - each node can generally communicate with any other node. There is no Access Point involved in this configuration.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Wired Equivalent Privacy (WEP) data encryption is used when the wireless devices are configured to operate in Shared Key authentication mode. 802.11 Authentication The 802.11 standard defines several services that govern how two 802.11 devices communicate.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 This process is illustrated below. 802.11b Authentication Open System Steps 1) Authentication request sent to AP Access Point 2) AP authenticates Internet Cable or 100 Mbps 3) Client connects to network...
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 This process is illustrated below. 802.11b Authentication Shared Key Steps 1) Authentication request sent to AP Access Point 2) AP sends challenge text Internet Cable or 100 Mbps DSL Modem...
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Key Size The IEEE 802.11 standard supports two types of WEP encryption: 40-bit and 128-bit. The 64-bit WEP data encryption method allows for a five-character (40-bit) input. Additionally, 24 factory-set bits are added to the forty-bit input to generate a 64-bit encryption key.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Note: Whatever keys you enter for an AP, you must also enter the same keys for the client adapter in the same order. In other words, WEP key 1 on the AP must match WEP key 1 on the client adapter, WEP key 2 on the AP must match WEP key 2 on the client adapter, and so on.
The Wi-Fi Alliance is now performing interoperability certification testing on Wi-Fi Protected Access products. Starting August of 2003, all new Wi-Fi certified products have to support WPA. NETGEAR is implementing WPA and WPA2 on client and access point products. The 802.11i standard was ratified in 2004.
Page 94
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 – Michael message integrity code (MIC) – AES support (WPA2, requires hardware support) • Support for a mixture of WPA, WPA2, and WEP wireless clients to allow a migration strategy, but mixing WEP and WPA/WPA2 is discouraged These features are discussed below.
Page 95
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • Key management. WPA/WPA2 features a robust key generation/management system that integrates the authentication and data privacy functions. Keys are generated after successful authentication and through a subsequent 4-way handshake between the station and Access Point (AP).
Page 96
RADIUS infrastructure, WPA supports the use of a pre-shared key. Together, these technologies provide a framework for strong user authentication. Windows XP implements 802.1x natively, and several NETGEAR switch and wireless access point products support 802.1x. Client with a WPA/...
Page 97
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The AP sends Beacon Frames with WPA/WPA2 information element to the stations in the service set. Information elements include the required authentication method (802.1x or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES). Probe Responses (AP to station) and Association Requests (station to AP) also contain WPA information elements.
Page 98
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 If configured to implement dynamic key exchange, the 802.1x authentication server can return session keys to the access point along with the accept message. The access point uses the session keys to build, sign and encrypt an EAP key message that is sent to the client immediately after sending the success message.
Product Support for WPA/WPA2 Starting in August, 2003, NETGEAR, Inc. wireless Wi-Fi certified products will support the WPA standard. NETGEAR, Inc. wireless products that had their Wi-Fi certification approved before August, 2003 will have one year to add WPA so as to maintain their Wi-Fi certification.
Page 100
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 • The new WPA/WPA2 information element To advertise their support of WPA/WPA2, wireless APs send the beacon frame with a new 802.11 WPA/WPA2 information element that contains the wireless AP's security configuration (encryption algorithms and wireless security configuration information).
Page 101
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Changes to Wireless Client Programs Wireless client programs must be updated to permit the configuration of WPA/WPA2 authentication (and preshared key) and the new WPA/WPA2 encryption algorithms (TKIP and AES).
Page 102
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 B-18 Wireless Networking Basics v0.1, December 2005...
Appendix C Command Line Reference In addition to the Web based user interface, the NETGEAR ProSafe 802.11g Wireless Access Point WG302 includes a command line interface (CLI) for administering the access point. The CLI lets you view and modify status and configuration information.
Page 104
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The following table shows a feature-by-feature comparison of which settings can be configured through the CLI or the Web UI, and which are configurable with either. Table 8-1. Configurable...
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Table 8-1. Configurable Feature or Setting Configurable from CLI from Web UI Reboot the AP Reset the AP to Factory Defaults Upgrade the Firmware You cannot upgrade the firmware from the CLI.
Page 106
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The “get” command allows you to get the property values of existing instances of a class. Classes can be “named” or “unnamed”. The command syntax is: get unnamed-class [property... | detail] get named-class [instance | all [property...
Page 107
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 The “set” command allows you to set the property values of existing instances of a class. set unnamed-class [with qualifier-property qualifier-value... to] property value... The first argument is an unnamed class in the configuration.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 remove The “remove” command allows you to remove an existing instance of a class. remove unnamed-class [property value...] remove named-class instance | all [property value...] For example: remove radius-user wally...
Page 109
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 config Configuration settings detected-ap Detected access point dhcp-client DHCP client settings dot11 IEEE 802.11 (all radios) host Internet host settings interface Network interface ip-route IP route entry Log settings...
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 Keyboard Shortcuts and Tab Completion Help The CLI provides keyboard shortcuts to help you navigate the command line and build valid commands, along with “tab completion” hints on available commands that match what you have typed so far.
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 CLI Command Sets This section lists the CLI commands available from the WG302 Wireless Access Point command line. Command Line Reference v0.1, December 2005...
Page 112
Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG302 C-10 Command Line Reference v0.1, December 2005...