Home » ZyXEL Manuals » Networking » ZyXEL NWA3560-N » Manual Viewer

ZyXEL NWA3560-N User Guide - Page 188

Configuration > Object > Certificate > Trusted Certificates > Edit, Table 67

Get ZyXEL NWA3560-N PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 188 highlights

Chapter 14 Certificates The following table describes the labels in this screen. Table 67 Configuration > Object > Certificate > Trusted Certificates > Edit LABEL DESCRIPTION Name This field displays the identifying name of this certificate. You can change the name. You can use up to 31 alphanumeric and characters. Certification Path Click the Refresh button to have this read-only text box display the end entity's certificate and a list of certification authority certificates that shows the hierarchy of certification authorities that validate the end entity's certificate. If the issuing certification authority is one that you have imported as a trusted certificate, it may be the only certification authority in the list (along with the end entity's own certificate). The NWA3000-N series AP does not trust the end entity's certificate and displays "Not trusted" in this field if any certificate on the path has expired or been revoked. Refresh Click Refresh to display the certification path. Enable X.509v3 CRL Distribution Points and OCSP checking Select this check box to have the NWA3000-N series AP check incoming certificates that are signed by this certificate against a Certificate Revocation List (CRL) or an OCSP server. You also need to configure the OSCP or LDAP server details. OCSP Server Select this check box if the directory server uses OCSP (Online Certificate Status Protocol). URL Type the protocol, IP address and pathname of the OCSP server. ID The NWA3000-N series AP may need to authenticate itself in order to assess the OCSP server. Type the login name (up to 31 ASCII characters) from the entity maintaining the server (usually a certification authority). Password Type the password (up to 31 ASCII characters) from the entity maintaining the OCSP server (usually a certification authority). LDAP Server Select this check box if the directory server uses LDAP (Lightweight Directory Access Protocol). LDAP is a protocol over TCP that specifies how clients access directories of certificates and lists of revoked certificates. Address Type the IP address (in dotted decimal notation) of the directory server. Port Use this field to specify the LDAP server port number. You must use the same server port number that the directory server uses. 389 is the default server port number for LDAP. ID The NWA3000-N series AP may need to authenticate itself in order to assess the CRL directory server. Type the login name (up to 31 ASCII characters) from the entity maintaining the server (usually a certification authority). Password Type the password (up to 31 ASCII characters) from the entity maintaining the CRL directory server (usually a certification authority). Certificate Information These read-only fields display detailed information about the certificate. 188 NWA3000-N Series User's Guide

Section	Page
NWA3000-N Series	1
About This User's Guide	3
Document Conventions	4
Safety Warnings	6
Table of Contents	7
User’s Guide	15
Introduction	17
1.1 Overview	17
1.2 Applications for the NWA3000-N series AP	18
1.2.1 Bridge / Repeater	18
1.2.2 AP + Bridge	22
1.2.3 MBSSID	22
1.3 Management Mode	23
1.4 Ways to Manage the NWA3000-N series AP	24
1.5 Good Habits for Managing the NWA3000-N series AP	25
1.6 Hardware Connections	26
1.7 LEDs	27
1.8 Starting and Stopping the NWA3000-N series AP	29
The Web Configurator	31
2.1 Overview	31
2.2 Access	32
2.3 The Main Screen	33
2.3.1 Title Bar	34
2.3.2 Navigation Panel	34
2.3.3 Warning Messages	38
2.3.4 Site Map	38
2.3.5 Object Reference	38
2.3.6 Tables and Lists	44
Configuration Basics	49
3.1 Overview	49
3.2 Object-based Configuration	49
3.3 Feature Configuration Overview	49
3.3.1 Feature	50
3.3.2 MGNT Mode	50
3.3.3 LAN Setting	50
3.3.4 Wireless	50
3.3.5 Device HA	51
3.4 Objects	51
3.4.1 User	51
3.4.2 AP Profile	52
3.4.3 MON Profile	52
3.5 System	52
3.5.1 WWW, SSH, TELNET, FTP, SNMP, and Auth. Server	52
3.5.2 Logs and Reports	53
3.5.3 File Manager	53
3.5.4 Diagnostics	53
3.5.5 Shutdown	53
Tutorials	55
4.1 Sample Network Setup	55
4.1.1 Set the Management Modes	56
4.1.2 Set the LAN IP Address and Management VLAN (vlan99)	57
4.1.3 Set Up Wireless User Authentication	58
4.1.4 Create the AP Profiles (staff, guest)	60
4.2 Rogue AP Detection	63
4.2.1 Rogue AP Containment	67
4.3 Load Balancing	69
4.4 Dynamic Channel Selection	70
Technical Reference	73
Dashboard	75
5.1 Overview	75
5.1.1 What You Can Do in this Chapter	75
5.2 Dashboard	76
5.2.1 CPU Usage	80
5.2.2 Memory Usage	81
Monitor	83
6.1 Overview	83
6.1.1 What You Can Do in this Chapter	83
6.2 What You Need to Know	83
6.3 LAN Status	84
6.3.1 LAN Status Graph	86
6.4 AP List	87
6.4.1 Station Count of AP	89
6.5 Radio List	89
6.5.1 AP Mode Radio Information	91
6.6 Station List	93
6.7 Rogue AP	94
6.8 Legacy Device Info	95
6.8.1 Legacy Device Info Add or Edit	96
6.9 View Log	96
6.10 View AP Log	100
Management Mode	103
7.1 Overview	103
7.2 About CAPWAP	103
7.2.1 CAPWAP Discovery and Management	104
7.2.2 Managed AP Finds the Controller	104
7.2.3 CAPWAP and IP Subnets	104
7.2.4 Notes on CAPWAP	105
7.3 The Management Mode Screen	105
LAN Setting	107
8.1 LAN Setting Overview	107
8.1.1 What You Can Do in this Chapter	107
8.1.2 What You Need to Know	107
8.2 LAN Setting	108
8.2.1 Add or Edit a DNS Setting	110
Wireless	111
9.1 Overview	111
9.1.1 What You Can Do in this Chapter	111
9.1.2 What You Need to Know	111
9.2 Controller	112
9.3 AP Management	113
9.3.1 Edit AP List	115
9.4 MON Mode	116
9.4.1 Add/Edit Rogue/Friendly List	118
9.5 Load Balancing	119
9.5.1 Disassociating and Delaying Connections	120
9.6 DCS	122
9.7 Technical Reference	124
Device HA	127
10.1 Overview	127
10.1.1 What You Can Do in this Chapter	127
10.1.2 What You Need to Know	128
10.1.3 Before You Begin	128
10.2 Device HA General	129
10.3 Active-Passive Mode	131
10.3.1 Edit Monitored Interface	134
10.4 Technical Reference	135
User	137
11.1 Overview	137
11.1.1 What You Can Do in this Chapter	137
11.1.2 What You Need To Know	137
11.2 User Summary	138
11.2.1 Add/Edit User	139
11.3 Setting	141
11.3.1 Edit User Authentication Timeout Settings	144
AP Profile	147
12.1 Overview	147
12.1.1 What You Can Do in this Chapter	147
12.1.2 What You Need To Know	147
12.2 Radio	149
12.2.1 Add/Edit Radio Profile	150
12.3 SSID	154
12.3.1 SSID List	154
12.3.2 Security List	158
12.3.3 MAC Filter List	161
MON Profile	165
13.1 Overview	165
13.1.1 What You Can Do in this Chapter	165
13.1.2 What You Need To Know	165
13.2 MON Profile	166
13.2.1 Add/Edit MON Profile	167
13.3 Technical Reference	168
Certificates	171
14.1 Overview	171
14.1.1 What You Can Do in this Chapter	171
14.1.2 What You Need to Know	171
14.1.3 Verifying a Certificate	173
14.2 My Certificates	175
14.2.1 Add My Certificates	177
14.2.2 Edit My Certificates	181
14.2.3 Import Certificates	184
14.3 Trusted Certificates	185
14.3.1 Edit Trusted Certificates	187
14.3.2 Import Trusted Certificates	190
14.4 Technical Reference	191
System	193
15.1 Overview	193
15.1.1 What You Can Do in this Chapter	193
15.2 Host Name	194
15.3 Date and Time	194
15.3.1 Pre-defined NTP Time Servers List	197
15.3.2 Time Server Synchronization	198
15.4 Console Speed	199
15.5 WWW Overview	200
15.5.1 Service Access Limitations	200
15.5.2 System Timeout	200
15.5.3 HTTPS	200
15.5.4 Configuring WWW Service Control	201
15.5.5 HTTPS Example	203
15.6 SSH	209
15.6.1 How SSH Works	210
15.6.2 SSH Implementation on the NWA3000-N series AP	211
15.6.3 Requirements for Using SSH	211
15.6.4 Configuring SSH	212
15.6.5 Examples of Secure Telnet Using SSH	213
15.7 Telnet	214
15.8 FTP	215
15.9 SNMP	217
15.9.1 Supported MIBs	218
15.9.2 SNMP Traps	218
15.9.3 Configuring SNMP	219
15.9.4 Adding or Editing an SNMPv3 User Profile	220
15.10 Internal RADIUS Server	221
15.10.1 Configuring the Internal RADIUS Server	222
15.10.2 Adding or Editing a Trusted AP Profile	224
15.11 Technical Reference	225
Log and Report	227
16.1 Overview	227
16.1.1 What You Can Do In this Chapter	227
16.2 Email Daily Report	227
16.3 Log Setting	229
16.3.1 Log Setting Summary	230
16.3.2 Edit Log Settings	232
16.3.3 Edit Remote Server	236
16.3.4 Active Log Summary	238
File Manager	241
17.1 Overview	241
17.1.1 What You Can Do in this Chapter	241
17.1.2 What you Need to Know	241
17.2 Configuration File	243
17.3 Firmware Package	248
17.4 Shell Script	249
Diagnostics	253
18.1 Overview	253
18.1.1 What You Can Do in this Chapter	253
18.2 Diagnostics	253
18.3 Packet Capture	254
18.3.1 Packet Capture Files	256
18.3.2 Example of Viewing a Packet Capture File	257
18.4 Wireless Frame Capture	258
18.4.1 Wireless Frame Capture Files	261
Reboot	263
19.1 Overview	263
19.1.1 What You Need To Know	263
19.2 Reboot	263
Shutdown	265
20.1 Overview	265
20.1.1 What You Need To Know	265
20.2 Shutdown	265
Troubleshooting	267
21.1 Overview	267
21.2 Power, Hardware Connections, and LEDs	267
21.3 NWA3000-N series AP Access and Login	268
21.4 Internet Access	270
21.5 Wireless AP Troubleshooting	272
21.6 Resetting the NWA3000-N series AP	277
21.7 Getting More Troubleshooting Help	278
Product Specifications	279
22.1 Wall-Mounting Instructions	282
Log Descriptions	285
Importing Certificates	305
Wireless LANs	319
Open Software Announcements	333
Legal Information	373

Match case Limit results 1 per page

Chapter 14 Certificates

NWA3000-N Series User’s Guide

188

The following table describes the labels in this screen.

Table 67

Configuration > Object > Certificate > Trusted Certificates > Edit

LABEL

DESCRIPTION

Name

This field displays the identifying name of this certificate. You can

change the name. You can use up to 31 alphanumeric and

;‘~!@#$%^&()_+[]{}’,.=-

characters.

Certification Path

Click the

Refresh

button to have this read-only text box display the

end entity’s certificate and a list of certification authority certificates

that shows the hierarchy of certification authorities that validate the

end entity’s certificate. If the issuing certification authority is one that

you have imported as a trusted certificate, it may be the only

certification authority in the list (along with the end entity’s own

certificate). The NWA3000-N series AP does not trust the end entity’s

certificate and displays “Not trusted” in this field if any certificate on

the path has expired or been revoked.

Refresh

Click

Refresh

to display the certification path.

Enable X.509v3

CRL Distribution

Points and OCSP

checking

Select this check box to have the NWA3000-N series AP check

incoming certificates that are signed by this certificate against a

Certificate Revocation List (CRL) or an OCSP server. You also need to

configure the OSCP or LDAP server details.

OCSP Server

Select this check box if the directory server uses OCSP (Online

Certificate Status Protocol).

URL

Type the protocol, IP address and pathname of the OCSP server.

The NWA3000-N series AP may need to authenticate itself in order to

assess the OCSP server. Type the login name (up to 31 ASCII

characters) from the entity maintaining the server (usually a

certification authority).

Password

Type the password (up to 31 ASCII characters) from the entity

maintaining the OCSP server (usually a certification authority).

LDAP Server

Select this check box if the directory server uses LDAP (Lightweight

Directory Access Protocol). LDAP is a protocol over TCP that specifies

how clients access directories of certificates and lists of revoked

certificates.

Address

Type the IP address (in dotted decimal notation) of the directory

server.

Port

Use this field to specify the LDAP server port number. You must use

the same server port number that the directory server uses. 389 is

the default server port number for LDAP.

The NWA3000-N series AP may need to authenticate itself in order to

assess the CRL directory server. Type the login name (up to 31 ASCII

characters) from the entity maintaining the server (usually a

certification authority).

Password

Type the password (up to 31 ASCII characters) from the entity

maintaining the CRL directory server (usually a certification

authority).

Certificate

Information

These read-only fields display detailed information about the

certificate.