Home » ZyXEL Manuals » Wireless » ZyXEL WAC500 » Manual Viewer

ZyXEL WAC500 User Guide - Page 181

Configuration > Object > Certificate > My Certificates > Add, Host IP Address, Host Domain

Add to My Manuals
Save this manual to your list of manuals

Page 181 highlights

Chapter 15 Certificates The following table describes the labels in this screen. Table 55 Configuration > Object > Certificate > My Certificates > Add LABEL DESCRIPTION Name Subject Information Type a name to identify this certificate. You can use up to 31 alphanumeric and characters. Use these fields to record information that identifies the owner of the certificate. You do not have to fill in every field, although you must specify a Host IP Address, Host Domain Name, or E-Mail. The certification authority may add fields (such as a serial number) to the subject information when it issues a certificate. It is recommended that each certificate have unique subject information. Select a radio button to identify the certificate's owner by IP address, domain name or email address. Type the IP address (in dotted decimal notation), domain name or e-mail address in the field provided. The domain name or e-mail address is for identification purposes only and can be any string. A domain name can be up to 255 characters. You can use alphanumeric characters, the hyphen and periods. Organizational Unit Organization Town (City) State (Province) Country Key Type An e-mail address can be up to 63 characters. You can use alphanumeric characters, the hyphen, the @ symbol, periods and the underscore. Identify the organizational unit or department to which the certificate owner belongs. You can use up to 31 characters. You can use alphanumeric characters, the hyphen and the underscore. Identify the company or group to which the certificate owner belongs. You can use up to 31 characters. You can use alphanumeric characters, the hyphen and the underscore. Identify the town or city where the certificate owner is located. You can use up to 31 characters. You can use alphanumeric characters, the hyphen and the underscore. Identify the state or province where the certificate owner is located. You can use up to 31 characters. You can use alphanumeric characters, the hyphen and the underscore. Identify the nation where the certificate owner is located. You can use up to 31 characters. You can use alphanumeric characters, the hyphen and the underscore. The Zyxel Device uses the RSA (Rivest, Shamir and Adleman) public-key encryption algorithm. SHA1 (Secure Hash Algorithm) and SHA2 are hash algorithms used to authenticate packet data. SHA2-256 or SHA2-512 are part of the SHA2 set of cryptographic functions and they are considered even more secure than SHA1. Key Length Extended Key Usage Select a key type from RSA-SHA256 and RSA-SHA512. Select a number from the drop-down list box to determine how many bits the key should use (1024 to 2048). The longer the key, the more secure it is. A longer key also uses more PKI storage space. Select Server Authentication to allow a web server to send clients the certificate to authenticate itself. Create a self-signed certificate Create a certification request and save it locally for later manual enrollment Select Client Authentication to use the certificate's key to authenticate clients to the secure gateway. These radio buttons deal with how and when the certificate is to be generated. Select this to have the Zyxel Device generate the certificate and act as the Certification Authority (CA) itself. This way you do not need to apply to a certification authority for certificates. Select this to have the Zyxel Device generate and store a request for a certificate. Use the My Certificate Edit screen to view the certification request and copy it to send to the certification authority. Copy the certification request from the My Certificate Edit screen and then send it to the certification authority. NWA/WAC/WAX Series User's Guide 127

Section	Page
NWA/WAC/WAX Series	1
Document Conventions	3
Contents Overview	4
Table of Contents	5
Introduction	12
1.1 Overview	12
1.2 Zyxel Device Roles	12
1.2.1 Root AP	13
1.2.2 Wireless Repeater	14
1.2.3 Radio Frequency (RF) Monitor	15
1.3 Sample Feature Applications	16
1.3.1 MBSSID	16
1.3.2 Dual-Radio	17
1.4 Zyxel Device Product Feature Comparison	18
AP Management	25
2.1 Management Mode	25
2.1.1 Standalone	25
2.1.2 Nebula Control Center	26
2.1.3 AP Controller (AC)	27
2.2 Switching Management Modes	28
2.3 Zyxel One Network (ZON) Utility	29
2.3.1 Requirements	29
2.3.2 Run the ZON Utility	29
2.4 Ways to Access the Zyxel Device	33
2.5 Good Habits for Managing the Zyxel Device	34
Hardware	35
3.1 Grounding (WAC6552D-S and WAC6553D-E)	35
3.2 Zyxel Device Models With Single LEDs	36
3.3 Zyxel Device Single LED	36
3.3.1 NWA1123-ACv2	37
3.3.2 WAC6303D-S, NWA1123-AC HD and NWA5123-AC HD	38
3.3.3 NWA5123-AC	40
3.3.4 WAC500, WAC500H, NWA1123ACv3, NWA110AX, NWA210AX, WAX510D, WAX610D and WAX650S	41
3.4 Zyxel Device Models With Multiple LEDs	43
3.4.1 NWA1123-AC PRO	44
3.4.2 NWA1302-AC/WAC5302D-Sv2	45
3.4.3 WAC6502D-E, WAC6502D-S, and WAC6503D-S	48
3.4.4 WAC6103D-I	50
3.4.5 WAC5302D-S	51
Web Configurator	54
4.1 Overview	54
4.2 Accessing the Web Configurator	54
4.3 Navigating the Web Configurator	57
4.3.1 Title Bar	58
4.3.2 Navigation Panel	59
4.3.3 Standalone Mode Navigation Panel Menus	59
4.3.4 Cloud Mode Navigation Panel Menus	62
4.3.5 Tables and Lists	62
Standalone Configuration	65
Standalone Configuration	66
5.1 Overview	66
5.2 Starting and Stopping the Zyxel Device	66
Dashboard	68
6.1 Overview	68
6.1.1 CPU Usage	71
6.1.2 Memory Usage	72
Setup Wizard	74
7.1 Accessing the Wizard	74
7.2 Using the Wizard	74
7.2.1 Step 1 Time Settings	74
7.2.2 Step 2 Password and Uplink Connection	75
7.2.3 Step 3 Radio	76
7.2.4 Step 4 SSID	77
7.2.5 Summary	79
Monitor	80
8.1 Overview	80
8.1.1 What You Can Do in this Chapter	80
8.2 What You Need to Know	80
8.3 Network Status	81
8.3.1 Port Statistics Graph	82
8.4 Radio List	83
8.4.1 AP Mode Radio Information	85
8.5 Station List	87
8.6 WDS Link Info	88
8.7 Detected Device	89
8.8 View Log	92
Network	95
9.1 Overview	95
9.1.1 AP Controller Management	95
9.1.2 What You Can Do in this Chapter	97
9.2 IP Setting	98
9.3 VLAN	99
9.4 Storm Control	102
9.5 AC (AP Controller) Discovery	103
9.6 NCC Discovery	104
Wireless	108
10.1 Overview	108
10.1.1 What You Can Do in this Chapter	108
10.1.2 What You Need to Know	109
10.2 AP Management	109
10.3 Rogue AP	113
10.3.1 Add/Edit Rogue/Friendly List	116
10.4 Load Balancing	117
10.4.1 Disassociating and Delaying Connections	119
10.5 DCS	120
10.6 Technical Reference	120
Bluetooth	123
11.1 Overview	123
11.1.1 What You Need To Know	123
11.2 Bluetooth Advertising Settings	124
11.2.1 Edit Advertising Settings	124
User	126
11.1 Overview	126
11.1.1 What You Can Do in this Chapter	126
11.1.2 What You Need To Know	126
11.2 User Summary	127
11.2.1 Add/Edit User	127
11.3 Setting	129
11.3.1 Edit User Authentication Timeout Settings	131
AP Profile	133
12.1 Overview	133
12.1.1 What You Can Do in this Chapter	133
12.1.2 What You Need To Know	133
12.2 Radio	134
12.2.1 Add/Edit Radio Profile	135
12.3 SSID	141
12.3.1 SSID List	141
12.3.2 Add/Edit SSID Profile	142
12.4 Security List	145
12.4.1 Add/Edit Security Profile	146
12.5 MAC Filter List	161
12.5.1 Add/Edit MAC Filter Profile	162
12.6 Layer-2 Isolation List	163
12.6.1 Add/Edit Layer-2 Isolation Profile	164
MON Profile	171
13.1 Overview	171
13.1.1 What You Can Do in this Chapter	171
13.2 MON Profile	171
13.2.1 Add/Edit MON Profile	172
WDS Profile	174
14.1 Overview	174
14.1.1 What You Can Do in this Chapter	174
14.2 WDS Profile	174
14.2.1 Add/Edit WDS Profile	175
Certificates	176
15.1 Overview	176
15.1.1 What You Can Do in this Chapter	176
15.1.2 What You Need to Know	176
15.1.3 Verifying a Certificate	178
15.2 My Certificates	179
15.2.1 Add My Certificates	180
15.2.2 Edit My Certificates	182
15.2.3 Import Certificates	185
15.3 Trusted Certificates	186
15.3.1 Edit Trusted Certificates	187
15.3.2 Import Trusted Certificates	190
15.4 Technical Reference	191
System	192
16.1 Overview	192
16.1.1 What You Can Do in this Chapter	192
16.2 Host Name	192
16.3 Power Mode	193
16.4 Date and Time	194
16.4.1 Pre-defined NTP Time Servers List	196
16.4.2 Time Server Synchronization	196
16.5 WWW Overview	197
16.5.1 Service Access Limitations	197
16.5.2 System Timeout	197
16.5.3 HTTPS	198
16.5.4 Configuring WWW Service Control	198
16.5.5 HTTPS Example	199
16.6 SSH	205
16.6.1 How SSH Works	206
16.6.2 SSH Implementation on the Zyxel Device	207
16.6.3 Requirements for Using SSH	207
16.6.4 Configuring SSH	207
16.6.5 Examples of Secure Telnet Using SSH	208
16.7 Telnet	209
16.8 FTP	210
16.9 SNMP	211
16.9.1 Supported MIBs	212
16.9.2 SNMP Traps	212
16.9.3 Configuring SNMP	212
16.9.4 Adding or Editing an SNMPv3 User Profile	213
Log and Report	215
17.1 Overview	215
17.1.1 What You Can Do In this Chapter	215
17.2 Email Daily Report	215
17.3 Log Setting	217
17.3.1 Log Setting Screen	218
17.3.2 Edit System Log Settings	219
17.3.3 Edit Remote Server	223
17.3.4 Active Log Summary	224
File Manager	227
18.1 Overview	227
18.1.1 What You Can Do in this Chapter	227
18.1.2 What you Need to Know	227
18.2 Configuration File	228
18.2.1 Example of Configuration File Download Using FTP	232
18.3 Firmware Package	233
18.3.1 Example of Firmware Upload Using FTP	234
18.4 Shell Script	235
Diagnostics	238
19.1 Overview	238
19.1.1 What You Can Do in this Chapter	238
19.2 Diagnostics	238
19.3 Remote Capture	239
LEDs	240
20.1 Overview	240
20.1.1 What You Can Do in this Chapter	240
20.2 Suppression Screen	240
20.3 Locator Screen	241
Antenna Switch	243
22.1 Overview	243
22.1.1 What You Need To Know	243
22.2 Antenna Switch Screen	243
Reboot	245
21.1 Overview	245
21.1.1 What You Need To Know	245
21.2 Reboot	245
Shutdown	246
22.1 Overview	246
22.1.1 What You Need To Know	246
22.2 Shutdown	246
Local Configuration in Cloud Mode	247
Cloud Mode	248
23.1 Overview	248
23.2 Cloud Mode Web Configurator Screens	248
23.3 Dashboard	249
Network	251
24.1 Overview	251
24.1.1 What You Can Do in this Chapter	251
24.2 IP Setting	251
24.3 VLAN	253
Maintenance	254
25.1 Overview	254
25.1.1 What You Can Do in this Chapter	254
25.2 Shell Script	254
25.3 Diagnostics	255
25.4 View Log	256
Appendices and Troubleshooting	259
Troubleshooting	260
26.1 Overview	260
26.2 Power, Hardware Connections, and LED	260
26.3 Zyxel Device Management, Access, and Login	261
26.4 Internet Access	265
26.5 WiFi Network	266
26.6 Resetting the Zyxel Device	267
26.7 Getting More Troubleshooting Help	268
Importing Certificates	269
IPv6	293
Customer Support	301
Legal Information	307

Match case Limit results 1 per page

Chapter 15 Certificates

NWA/WAC/WAX Series User’s Guide

127

The following table describes the labels in this screen.

Table 55

Configuration > Object > Certificate > My Certificates > Add

LABEL

DESCRIPTION

Name

Type a name to identify this certificate. You can use up to 31 alphanumeric and

;‘~!@#$%^&()_+[]{}’,.=-

characters.

Subject Information

Use these fields to record information that identifies the owner of the certificate. You do

not have to fill in every field, although you must specify a

Host IP Address

Host Domain

Name

, or

E-Mail

. The certification authority may add fields (such as a serial number) to the

subject information when it issues a certificate. It is recommended that each certificate

have unique subject information.

Select a radio button to identify the certificate’s owner by IP address, domain name or e-

mail address. Type the IP address (in dotted decimal notation), domain name or e-mail

address in the field provided. The domain name or e-mail address is for identification

purposes only and can be any string.

A domain name can be up to 255 characters. You can use alphanumeric characters, the

hyphen and periods.

An e-mail address can be up to 63 characters. You can use alphanumeric characters, the

hyphen, the @ symbol, periods and the underscore.

Organizational Unit

Identify the organizational unit or department to which the certificate owner belongs. You

can use up to 31 characters. You can use alphanumeric characters, the hyphen and the

underscore.

Organization

Identify the company or group to which the certificate owner belongs. You can use up to

31 characters. You can use alphanumeric characters, the hyphen and the underscore.

Town (City)

Identify the town or city where the certificate owner is located. You can use up to 31

characters. You can use alphanumeric characters, the hyphen and the underscore.

State (Province)

Identify the state or province where the certificate owner is located. You can use up to 31

characters. You can use alphanumeric characters, the hyphen and the underscore.

Country

Identify the nation where the certificate owner is located. You can use up to 31

characters. You can use alphanumeric characters, the hyphen and the underscore.

Key Type

The Zyxel Device uses the RSA (Rivest, Shamir and Adleman) public-key encryption

algorithm. SHA1 (Secure Hash Algorithm) and SHA2 are hash algorithms used to

authenticate packet data. SHA2-256 or SHA2-512 are part of the SHA2 set of

cryptographic functions and they are considered even more secure than SHA1.

Select a key type from

RSA-SHA256

and

RSA-SHA512

Key Length

Select a number from the drop-down list box to determine how many bits the key should

use (1024 to 2048). The longer the key, the more secure it is. A longer key also uses more PKI

storage space.

Extended Key Usage

Select

Server Authentication

to allow a web server to send clients the certificate to

authenticate itself.

Select

Client Authentication

to use the certificate’s key to authenticate clients to the

secure gateway.

These radio buttons deal with how and when the certificate is to be generated.

Create a self-signed

certificate

Select this to have the Zyxel Device generate the certificate and act as the Certification

Authority (CA) itself. This way you do not need to apply to a certification authority for

certificates.

Create a certification

request and save it

locally for later

manual enrollment

Select this to have the Zyxel Device generate and store a request for a certificate. Use the

My Certificate Edit

screen to view the certification request and copy it to send to the

certification authority.

Copy the certification request from the

My Certificate Edit

screen and then send it to the

certification authority.