Linksys LAPAC1750 User Manual
  1. Manuals
  2. Brands
  3. Linksys Manuals
  4. Wireless access points
  5. LAPAC1750
  6. User manual

Linksys LAPAC1750 User Manual

Ac1750 dual band access point
Hide thumbs Also See for LAPAC1750:
Table of Contents

Advertisement

Quick Links

Download this manual
LAPAC1750
AC1750 Dual Band Access Point
User's Guide

Advertisement

Table of Contents
loading

Related Manuals for Linksys LAPAC1750

Summary of Contents for Linksys LAPAC1750

  • Page 1 LAPAC1750 AC1750 Dual Band Access Point User's Guide...

  • Page 3: Table Of Contents

    ABLE OF ONTENTS   CHAPTER 1 QUICK START GUIDE ................... 1   Package Contents ......................1   Physical Details ........................1   Mounting Guide ......................... 3   CHAPTER 2 ACCESS POINT SETUP .................. 4   Overview ..........................4   Setup using a Web Browser ....................4  ...
  • Page 4   APPENDIX C PC AND SERVER CONFIGURATION ............ 69   Overview .......................... 69   Using WEP ........................69   Using WPA2-PSK ......................70   Using WPA2-Enterprise ....................71   802.1x Server Setup (Windows 2000 Server) ..............72   802.1x Client Setup on Windows XP ................82 Using 802.1x Mode (without WPA) ................

  • Page 5: Chapter 1 Quick Start Guide

    NOTE: Use only the adapter that came with your access point. Ethernet Port - Connect a wired network device to this port. This port supports PoE (Power over Ethernet) with a PoE switch or PoE injector. LAPAC1750 can be powered on from an 802.3at compliance source.
  • Page 6 Reset Button - Press and hold this button for less than 15 seconds to power cycle device. Press and hold for longer than 15 seconds to reset the device to factory default settings.

  • Page 7: Mounting Guide

    6. Connect the Ethernet cable and/or AC power adapter to your device 7. Slide the device into the bracket. Turn access point clockwise until it locks. IMPORTANT Improper or insecure mounting could result in damage to the device or personal injury. Linksys is not responsible for damages caused by improper mounting.

  • Page 8: Chapter 2 Access Point Setup

    Chapter 2 Access Point Setup Overview This chapter describes the setup procedure to connect the wireless access point to your LAN, and configure it as an access point for your wireless stations. Wireless stations may also require configuration. For details, see Appendix C - Wireless Station Configuration.
  • Page 9 Figure 1: Password Dialog 5. From the status screen menu configure for your environment. Details of these screens and settings are described in the following sections of this chapter. 6. You may also wish to change the admin password on the User Accounts screen, accessed from the Configuration menu.

  • Page 10: Setup Wizard

    Setup Wizard The first time you connect to the wireless access point, run the Setup Wizard to configure the device. 1. Click the Quick Start link on the main menu Figure 2: Setup Wizard 2. On the first screen, click Launch. 3.
  • Page 11 Figure 4: Setup Wizard - IPv4 6. Set the SSID information on the Wireless Network screen. Click Next. Figure 5: Setup Wizard - Wireless Network 7. On the Wireless Security Screen (Figure 8) configure the wireless security settings for the device.
  • Page 12 8. On the Summary screen, check the data to make sure they are correct and then click Submit to save the changes. Figure 7: Setup Wizard - Summary 9. Click Finish to leave the wizard. Figure 8: Setup Wizard - Finish...

  • Page 13: User Accounts

    User Accounts Click User Accounts on the Administration menu to manage user accounts. The access point supports up to 5 users: one administrator and four normal users. Figure 9: User Accounts Data - User Accounts Screen User Account Table User Name Enter the User Name to connect to the access point’s admin interface.

  • Page 14: Time Screen

    Time Screen Click Time on the Administration menu to configure system time of the device. Figure 10: Time Screen Data - Time Screen Time Display current date and time of the system. Current Time Manually Set date and time manually. Automatically When enabled (default setting) the access point will get the current time from a public time server.

  • Page 15: Log Settings Screen

    Log Settings Screen The logs record various types of activity on the access point. This data is useful for trouble- shooting, but enabling all logs will generate a large amount of data and adversely affect performance. Figure 11: Log Settings Screen Data - Logs Screen Log Types Log Types...
  • Page 16 Email Address for Enter the email address the log messages are to be sent to. Logs Valid characters include alphanumeric characters, "_", "-", "." and "@". Maximum length is 64 characters. Log Queue Length Enter the length of the queue: up to 500 log messages. The default is 20 messages.

  • Page 17: Management Access Screen

    Management Access Screen You can use the Management page to configure the management methods of the access point. Figure 12: Management Access Screen Data - Management Access Screen Web Access HTTP HTTP (Hyper Text Transfer Protocol) is the standard for transferring files (text, graphic images and other multimedia files) on the World Wide Web.
  • Page 18 SNMP Settings Simple Network Management Protocol (SNMP) is a network SNMP monitoring and management protocol. Enable or disable SNMP function here. Disabled by default. Contact Enter contact information for the access point. The contact includes 1 to 32 characters. Special characters are allowed.

  • Page 19: Ssl Certificate Screen

    SSL Certificate Screen This screen can be used to manage SSL certificate used by HTTPS. Figure 13: SSL Certificate Screen Data - SSL Certificate Screen Export/Restore to/from Local PC Export SSL Click to export the SSL certificate. Certificate Install Certificate Browse to choose the certificate file.

  • Page 20: Network Setup Screen

    Network Setup Screen Use this screen to configure basic device settings, VLAN settings and settings for the LAN interface, including static or dynamic IPv4/IPv6 address assignment. Figure 14: Network Setup Screen Data - Network Setup Screen TCP/IP Assign a host name to this access point. Host name consists of 1 to 15 Host Name characters.
  • Page 21 The VLAN associated with the IP address you use to connect to the Management VLAN access point. Provide a number between 1 and 4094 for the Manage- ment VLAN ID. The default is 1. IPv4/v6 IP Settings Select Automatic Configuration or Static IP Address. Enter an unused IP address from the address range used on your LAN.

  • Page 22: Advanced Screen

    Advanced Screen Use this screen to configure advanced network settings of the access point. Figure 15: Advanced Screen Data - Advanced Screen Port Settings Auto Negotiation If enabled, Port Speed and Duplex Mode will become grey and cannot be configured. If disabled, Port Speed and Duplex Mode can be configured.
  • Page 23 This feature supports following two kinds of authentication: Authentication • Authentication via MAC Address Select this if you want to use MAC Address for authentica- tion. The access point uses lowercase MAC address for Name and Password, like xxxxxxxxxxxx. • Authentication via Name and Password Select this if you want to use name and password for authentication.

  • Page 24: Wireless Screens

    Wireless Screens There are ten configuration screens: • Basic Settings • Security • Rogue AP Detection • Scheduler • Scheduler Association • Connection Control • Rate Limit • • Workgroup Bridge • Advanced Settings Basic Settings Basic Settings provides the essential configuration for your wireless radio and SSIDs. You should able to set up your wireless network with these essential parameters configured.
  • Page 25 Enable Radio Enable or disable the wireless radio. Select the desired option for radio 1: Wireless Mode • G only - allow connection by 802.11G wireless stations only. • N only - allow connection by 802.11N wireless stations only. • B/G-Mixed - allow connection by 802.11B and G wireless stations only.

  • Page 26: Security Settings

    Security Settings Use this screen to configure security settings of SSIDs to provide data protection over the wireless network Figure 17: Security Settings Data - SSID Settings Screen Security Select SSID Select the desired SSID from the drop-down list. Select the desired security method from the list. Security Mode Security Settings •...
  • Page 27 • Each user's wireless client must support 802.1x and provide the RADIUS authentica- tion data when required. • All data transmission is encrypted using the WPA2 standard. Keys are automatically generated, so no key input is required. • RADIUS - RADIUS mode utilizes RADIUS server for authentication and dynamic WEP key generation for data encryption.
  • Page 28 Security Settings - WEP This is the 802.11b standard. Data is encrypted before transmission, but the encryption system is not very strong. Figure 18: WEP Wireless Security Screen Data - WEP Screen Select Open System or Shared Key. All wireless stations must use the Authentication same method.
  • Page 29 Security Settings - WPA2-Personal This is a further development of WPA-Personal, and offers even greater security. Figure 19: WPA2-Personal Wireless Security Screen Data - WPA2-Personal Screen WPA2-Personal The encryption method is AES. Wireless stations must also use WPA Algorithm AES. Pre-shared Key Enter the key value.
  • Page 30 Security Settings - WPA/WPA2-Personal This method, sometimes called Mixed Mode, allows clients to use either WPA-Personal or WPA2-Personal. Figure 20: WPA/WPA2-Personal Wireless Security Screen Data - WPA/WPA2-Personal Screen WPA/WPA2-Personal WPA Algorithm The encryption method is TKIP or AES. Enter the key value. It is 8 to 63 ASCII characters or 64 HEX Pre-shared Key characters.
  • Page 31 Security Settings - WPA2-Enterprise This version of WPA2-Enterprise requires a RADIUS Server on your LAN to provide the client authentication. Data transmissions are encrypted using the WPA2 standard. Figure 21: WPA2-Enterprise Wireless Security Screen Data - WPA2-Enterprise Screen WPA2-Enterprise Primary Server Enter the IP address of the RADIUS Server on your network.
  • Page 32 Key Renewal Timeout Specify the value of Group Key Renewal. It is a value from 600 to 36000, and default is 3600. WPA automatically changes secret keys after a certain period of time. The group key interval is the period of time in between automatic changes of the group key, which all devices on the network share.
  • Page 33 Security Settings - WPA/WPA2-Enterprise WPA/WPA2-Enterprise requires a RADIUS Server on your LAN to provide the client authen- tication. Data transmissions are encrypted using WPA2 standard. Figure 22: WPA/WPA2-Enterprise Wireless Security Screen Data - WPA/WPA2-Enterprise Screen WPA/WPA2-Enterprise Primary Server Enter the IP address of the RADIUS Server on your network. Primary Server Port Enter the port number used for connections to the RADIUS Server.
  • Page 34 Key Renewal Timeout Specify the value of Group Key Renewal. It is a value from 600 to 36000, and default is 3600. WPA automatically changes secret keys after a certain period of time. The group key interval is the period of time between automatic changes of the group key, which all devices on the network share.
  • Page 35 RADIUS Use RADIUS server for authentication and dynamic WEP key generation for data encryption. Figure 23: RADIUS Settings Data - RADIUS Screen Authentication Server Primary Server Enter the IP address of the RADIUS Server on your network. Enter the port number used for connections to the RADIUS Primary Server Port Server.

  • Page 36: Rogue Ap Detection

    Rogue AP Detection Rogue AP detection is used to detect the unexpected or unauthorized access point installed in a secure network environment. Figure 24: Rogue AP Screen Data - Rogue AP Screen Select the desired radio from the list. Wireless Radio Radio 1 is for 2.4 GHz, and Radio 2 is for 5 GHz.
  • Page 37 Add one trusted AP by MAC address. New MAC Address...

  • Page 38: Scheduler

    Scheduler Configure a rule with a specific time interval for SSIDs to be operational. Automate enabling or disabling SSIDs based on the profile definition. Support up to 16 profiles and each profile can include 4 time rules. Figure 25: Scheduler Screen Data - Scheduler Screen Wireless Scheduler Enable or disable wireless scheduler on the radio.
  • Page 39 Select the desired day from the list. Day of the Week Option None means this time rule is disabled. Start Time Choose the start time. Finish Time Choose the finish time.

  • Page 40: Scheduler Association

    Scheduler Association Associate defined scheduler profiles with SSIDs. Figure 26: Scheduler Association Screen Data - Scheduler Association Screen Wireless Radio Select the desired radio from the list. Radio 1 is for 2.4 GHz, and Radio 2 is for 5 GHz. Scheduler Association SSID The index of SSID.

  • Page 41: Connection Control

    Connection Control Exclude or allow only listed client stations to authenticate with the access point. Figure 27: Connection Control Screen Data - Connection Control Screen Select the desired SSID from the list. SSID Select the option from the drop-down list as desired. Connection Type •...

  • Page 42: Rate Limit

    Rate Limit Limit downstream and upstream rate of SSIDs. Figure 28: Rate Limit Screen Data - Rate Limit Screen Wireless Radio Select the desired radio from the list. Radio 1 is for 2.4 GHz, and Radio 2 is for 5 GHz. Rate Limit SSID The index of SSID.

  • Page 43: Qos

    The QoS (Quality of Service) feature allows you to specify priorities for different traffic coming from your wireless client. Lower priority traffic will be slowed down to allow greater throughput or less delay for high priority traffic. Figure 29: QoS Screen Data - QoS Screen QoS Setting Wireless Radio...
  • Page 44 Enable or disable WMM. WMM (Wi-Fi Multimedia) is a component of the IEEE 802.11e wireless LAN standard for QoS. WMM provides prioritization of wireless data packets from different applications based on four access categories: voice, video, best effort, and background. For an application to receive the benefits of WMM QoS, both it and the client running that application have to have WMM enabled.

  • Page 45: Workgroup Bridge

    Workgroup Bridge Workgroup Bridge feature enables the access point to extend the accessibility of a remote network. In Workgroup Bridge mode, the access point acts as a wireless station (STA) on the wireless LAN. It can bridge traffic between a remote wired network and a wireless LAN. When Workgroup Bridge is enabled, SSID configuration still works to provide wireless services to clients.
  • Page 46 Normally, Workgroup Bridge connects to a remote access point by Remote MAC matching SSID. When more than one remote access point have the Address same SSID, Workgroup Bridge can connect to different remote access points. Optional: You can specify the MAC address of the remote access point to limit Workgroup Bridge’s connection to a specific remote access point.

  • Page 47: Advanced Settings

    Advanced Settings Configure advanced parameters of wireless radios. Figure 31: Advanced Settings Data - Advanced Settings Screen Band Steering Band Steering Enable or disable Band Steering function. Band Steering is a technology that detects whether the wireless client is dual-band capable. If it is, band steering pushes the client to connect to the less-congested 5 GHz network.
  • Page 48 Channel Bandwidth Select the designed channel bandwidth for the wireless radio. • 20MHz - Select if you are not using any 802.11n wire- less clients. • 20/40MHz - Select if you are using both 802.11n and non-802.11n wireless devices. • 20/40/80MHz - Select if you are using 802.11ac, 802.11n and non-802.11n wireless devices.
  • Page 49 RTS Threshold Enter the Request to Send (RTS) Threshold value, an integer from 1 to 2347. The default is 2347 octets. The RTS threshold indicates the number of octets in a Medium Access Control Protocol Data Unit (MPDU) below which an RTS/CTS handshake is not performed.

  • Page 50: Chapter 3 Operation And Status

    Chapter 3 Operation and Status Operation You may need to perform the following operations on a regular basis. • If using the Access Control feature, update the Trusted PC database as required. (See Access Control in Chapter 2 for details.) •...
  • Page 51 Data - System Summary Screen System Summary Device SKU The SKU is often used to identify device model number and region. Firmware Version The version of the firmware currently installed. Firmware Checksum The checksum of the firmware running in the access point. The version of the hardware.

  • Page 52: Lan Status

    LAN Status LAN Status displays settings, and status of LAN interface. Figure 33: LAN Status Screen Data - LAN Status VLAN Enabled or disabled (default). VLAN Untagged VLAN Enabled (default) or disabled. When enabled, and if its VLAN ID is equal to Untagged VLAN ID, all traffic is untagged when sent from LAN ports.
  • Page 53 Management VLAN Displays the Management VLAN ID. The VLAN associated with the IP address you use to connect to the access point. Provide a number between 1 and 4094 for the Management VLAN ID. The default is 1. This VLAN is also the default untagged VLAN. If you already have a management VLAN configured on your network with a different VLAN ID, you must change the VLAN ID of the man- agement VLAN on the access point.

  • Page 54: Wireless Status

    Wireless Status Wireless Status displays settings and status of wireless radios and SSIDs. Figure 34: Wireless Status Screen Data - Wireless Status Radio Status Wireless Radio Select the desired radio from the list. Radio 1 is for 2.4 GHz, and Radio 2 is for 5 GHz. Indicates whether the radio is enabled.
  • Page 55 Scheduler State Current scheduler status of the SSID. • N/A No scheduler is enabled on the SSID, or the SSID is disabled by administrator. • Active The SSID is enabled. • Inactive The SSID is disabled. Workgroup Bridge Status Status Status of the Workgroup Bridge: enabled or disabled.

  • Page 56: Wireless Clients

    Wireless Clients Wireless Clients displays connected clients based on each wireless interface. Figure 35: Wireless Clients Screen Data - Wireless Clients Wireless Interface Select the desired interface from the list. The interfaces include 8 SSIDs per radio. Name of the SSID to which the client connects. SSID Name Client MAC The MAC address of the client.

  • Page 57: Statistics

    Statistics Statistics provides real-time transmitted and received statistics data based on each SSID per Radio, and LAN interface. Figure 36: Statistics Screen Data - Statistics Select the desired radio from the list. Wireless Radio Radio 1 is for 2.4 GHz, and Radio 2 is for 5 GHz. •...

  • Page 58: Log View

    Log View Log View shows a list of system events that are generated by each single log entry, such as login attempts and configuration changes. Figure 37: Log View Screen Data - Log View Log Messages Log Messages Show the log messages. Buttons Update the data on screen.

  • Page 59: Chapter 4 Access Point Management

    The firmware (software) in the wireless access point can be upgraded by using HTTP/HTTPS, or TFTP. Check Linksys support website (http://www.linksys.com/business/support) and download the latest firmware release to your storage such as PC. Then, perform firmware upgrade by following the steps below.
  • Page 60 Figure 38: Firmware Upgrade Screen To perform the firmware upgrade from local PC: 1. Click the Browse button and navigate to the location of the upgrade file. 2. Select the upgrade file. Its name will appear in the Upgrade File field. 3.

  • Page 61: Configuration

    Configuration Configuration backup/restore allows you to download the configuration file from device to external storage, e.g., your PC, or network storage, or to upload a previously saved configura- tion file from external storage to device. It is highly recommended you save one extra copy of the configuration file to external storage after you are done with access point setup.
  • Page 62 Backup/Restore to/from TFTP server Backup To create a backup file of the current settings: Configuration 1. Enter the destination file name you plan to save in TFTP server. 2. Enter the IP address for the TFTP server. Only support IPv4 address here.

  • Page 63: Factory Default

    Factory Default It’s highly recommended you save your current configuration file before you restore to factory default settings. To save your current configuration file, click Maintenance Configuration Backup/Restore. Figure 40: Factory Default Screen Data - Factory Default Screen Factory Default If Yes radio button is clicked and Save button is pressed, your current configuration file will be deleted, and the system will reboot.

  • Page 64: Reboot

    Reboot Reboot power cycles the device. The current configuration file will remain after reboot. Figure 41: Reboot Screen Data - Reboot Screen Device Reboot If Yes radio button is checked, device will power cycle after Save button is pressed.

  • Page 65: Ping Test

    Ping Test Ping Test is used to determine the accessibility of a host on the network. Figure 42: Ping Test Screen Data - Ping Test Screen General IP Type Enter the IP type of destination address. Enter the IP address or domain name that you want to ping. IP or URL Address Packet Size Enter the size of the packet.

  • Page 66: Packet Capture

    Packet Capture Packet Capture is used to capture and store 802.3 packets received and transmitted by the access point based on one specified network interface. Network interface can be radio, SSID or LAN. Figure 43: Packet Size Screen Data - Packet Size Screen Network Interface Select the desired network interface from the drop-down list.

  • Page 67: Diagnostic Log

    Diagnostic Log Diagnostic Log provides system detail information, such as configuration file, system status and statistics data, hardware information, operational status. The information is useful in troubleshooting and working with technical support. Figure 44: Diagnostic Screen Data - Diagnostic Screen Download Click to download the device diagnostic log into a local file.

  • Page 68: Appendix A Troubleshooting

    Appendix A Troubleshooting Overview This chapter covers some common problems encountered while using the wireless access point, and some possible solutions to them. If you follow the suggested steps and the wireless access point still does not function properly, contact your dealer for further advice. General Problems Problem 1: I can't find new access point on my network.
  • Page 69 If there is no DHCP Server found, the wireless access point will roll back to an IP address and mask of 192.168.1.252 and 255.255.255.0. Problem 2: My PC can't connect to the LAN via the wireless access point. Check the following: Solution 2: •...

  • Page 70: Appendix B About Wireless Lans

    Appendix B About Wireless LANs Overview Wireless networks have their own terms and jargon. It is necessary to understand many of these terms in order to configure and operate a wireless LAN. Wireless LAN Terminology Modes Wireless LANs can work in either of two (2) modes: •...
  • Page 71 As wireless stations are physically moved through the area covered by an ESS, they will automatically change to the access point that has the least interference or best performance. This capability is called Roaming. (Access points do not have or require roaming capabili- ties.) Channels The wireless channel sets the radio frequency used for communication.
  • Page 72 WPA-Enterprise This version of WPA requires a RADIUS server on your LAN to provide the client authentica- tion according to the 802.1X standard. Data transmissions are encrypted using the WPA standard. If this option is used: • The access point must have a "client login" on the RADIUS server. •...

  • Page 73: Appendix C Pc And Server Configuration

    Appendix C PC and Server Configuration Overview All wireless stations need to have settings that match the wireless access point. These settings depend on the mode in which the access point is being used. • If using WEP or WPA2-PSK, it is only necessary to ensure that each wireless station's settings match those of the wireless access point, as described below.

  • Page 74: Using Wpa2-Psk

    Using WPA2-PSK For each of the following items, each wireless station must have the same settings as the wireless access point. Mode On each PC, the mode must be set to Infrastructure. This must match the value used on the wireless access point. SSID (ESSID) The default value is LinksysSMB24G for radio 1 and LinksysSMB5G for radio 2.

  • Page 75: Using Wpa2-Enterprise

    Using WPA2-Enterprise This is the most secure and most complex system. WPA-Enterprise mode provides greater security and centralized management, but it is more complex to configure. Wireless Station Configuration For each of the following items, each wireless station must have the same settings as the wireless access point.

  • Page 76: 802.1X Server Setup (Windows 2000 Server)

    802.1x Server Setup (Windows 2000 Server) This section describes using Microsoft Internet Authentication Server as the RADIUS server, since it is the most common RADIUS server available that supports the EAP-TLS authentica- tion method. The following services on the Windows 2000 Domain Controller (PDC) are also required. •...
  • Page 77 Figure 46: Components Screen 4. Click Next. 5. Select the Enterprise root CA, and click Next. Figure 47: Certification Screen 6. Enter the information for the Certificate Authority, and click Next.
  • Page 78 Figure 48: CA Screen 7. Click Next if you don't want to change the CA's configuration data. 8. Installation will warn you that Internet Information Services are running, and must be stopped before continuing. Click OK, then Finish. DHCP server configuration 1.
  • Page 79 Figure 50: IP Address Screen 6. Add exclusions in the address fields if required. If no exclusions are required, leave it blank. Click Next. 7. Change the Lease Duration time if preferred. Click Next. 8. Select Yes, I want to configure these options now, and click Next. 9.
  • Page 80 Certificate Authority Setup 1. Select Start -> Programs -> Administrative Tools -> Certification Authority. 2. Right-click Policy Settings, and select New -> Certificate to Issue. Figure 52: Certificate Authority Screen 3. Select Authenticated Session and Smartcard Logon (select more than one by holding down the Ctrl key).
  • Page 81 Figure 54: Active Directory Screen 6. Select the Group Policy tab, choose Default Domain Policy then click Edit. Figure 55: Group Policy Tab 7. Select Computer Configuration -> Windows Settings -> Security Settings -> Public Key Policies, right-click Automatic Certificate Request Settings -> New -> Automatic Certifi- cate Request.
  • Page 82 Figure 56: Group Policy Screen 8. When the Certificate Request Wizard appears, click Next. 9. Select Computer, click Next. Figure 57: Certificate Template Screen 10. Ensure that your Certificate Authority is checked, click Next. 11. Review the policy change information and click Finish. 12.
  • Page 83 Internet Authentication Service (RADIUS) Setup 1. Select Start -> Programs -> Administrative Tools -> Internet Authentication Service 2. Right-click on Clients, and select New Client. Figure 58: Service Screen 3. Enter a name for the access point, click Next. 4. Enter the address or name of the wireless access point, and set the shared secret, as entered on the Security Settings of the wireless access point.
  • Page 84 11. Click Edit Profile... and select the Authentication tab. Enable Extensible Authentication Protocol, and select Smart Card or other Certificate. Deselect other authentication me- thods listed. Click OK. Figure 60: Authentication Screen 12. Select No if you don't want to view the help for EAP. Click Finish.
  • Page 85 Remote Access Login for Users 1. Select Start -> Programs -> Administrative Tools -> Active Directory Users and Comput- ers. 2. Double click on the user who you want to enable. 3. Select the Dial-in tab, and enable Allow access. Click OK. Figure 61: Dial-in Screen...

  • Page 86: 802.1X Client Setup On Windows Xp

    802.1x Client Setup on Windows XP Windows XP ships with a complete 802.1x client implementation. If using Windows 2000, you can install SP3 (Service Pack 3) to gain the same functionality. If you don't have either of these systems, you must use the 802.1x client software provided with your wireless adapter.
  • Page 87 Figure 63: Wireless CA Screen 5. Select User certificate request and select User Certificate, click Next. Figure 64: Request Type Screen 6. Click Submit.
  • Page 88 Figure 65: Identifying Information Screen 7. A message will be displayed and the certificate will be returned to you. Click Install this certificate. Figure 66: Certificate Issued Screen 8. You will receive a confirmation message. Click Yes.
  • Page 89 Figure 67: Root Certificate Screen 9. Certificate setup is now complete. 802.1x Authentication Setup 1. Open the properties for the wireless connection, by selecting Start - Control Panel - Network Connections. 2. Right-click on the Wireless Network Connection, and select Properties. 3.
  • Page 90 • Your network administrator can advise you of the correct settings for each network. 802.1x networks typically use EAP-TLS. This is a dynamic key system, so there is no need to enter key values. Enabling Encryption To enable encryption for a wireless network, follow this procedure. 1.
  • Page 91 Figure 70: Properties Screen Setup for Windows XP and 802.1x client is now complete.

  • Page 92: Using 802.1X Mode (Without Wpa)

    Using 802.1x Mode (without WPA) This is very similar to using WPA-Enterprise. The only difference is that on your client, you must NOT enable the setting The key is pro- vided for me automatically. Instead, you must enter the WEP key manually, ensuring it matches the WEP key used on the access point.

  • Page 93: Regulatory Approvals

    Regulatory Approvals Federal Communication Commission Interference Statement This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules.

  • Page 94: Caution

    Caution (i) the device for operation in the band 5150-5250 MHz is only for indoor use to reduce the potential for harmful interference to co-channel mobile satellite systems; (ii) high-power radars are allocated as primary users (i.e. priority users) of the bands 5250- 5350 MHz and 5650-5850 MHz and that these radars could cause interference and/or damage to LE-LAN devices.

Table of Contents