Home » D-Link Manuals » Hubs & Switches » D-Link DWC-1000 » Manual Viewer

D-Link DWC-1000 DWC-1000 User's Guide - Page 38

Table, 5. WPA/WPA/2 Settings

Add to My Manuals
Save this manual to your list of manuals

Page 38 highlights

Basic Configuration Table 3-5. WPA/WPA/2 Page Settings Security Field WPA Versions WPA Ciphers WPA Key Type WPA Key Bcast Key Refresh Rate (seconds) Description If you select WPA for Security, the following two additional security options are displayed. • WPA/WPA2 Personal = uses static key management. You manually configure the same keys to encrypt data on both the wireless client and the access point. WPA/WPA2 Enterprise uses a RADIUS server and dynamically generated keys to encrypt client-to- access point traffic. WPA Enterprise is more secure than WPA Personal, but you need a RADIUS server to manage the keys. • WPA Enterprise = more secure than WPA Personal, but you need a RADIUS server to manage the keys. If you click this option, the screen refreshes and the WPA Key Type and WPA Key fields are hidden. The access point uses the global RADIUS server or the RADIUS server you specified for the wireless network. Select the types of client stations you want to support. Choices are: WPA = if all client stations on the network support the original WPA but none supports WPA2, select WPA. WPA2 = if all client stations on the network support WPA2, use WPA2, which provides the best security per the IEEE 802.11i standard. WPA and WPA2 = if you have a mix of clients that support WPA2 or WPA, select both boxes. This lets both WPA and WPA2 client stations associate and authenticate, but uses the more robust WPA2 for clients who support it. This WPA configuration allows more interoperability, at the expense of some security. Select the cipher suite you want to use. Choices are: • TKIP • CCMP (AES) • TKIP and CCMP (AES) Both TKIP and AES clients can associate with the access point. WPA clients must have a valid TKIP key or AES-CCMP key to associate with the access point. 802.11n clients cannot use the TKIP cipher. If you enable TKIP only, 802.11 clients cannot authenticate with the network. Enter a WPA key type. Range: ASCII, including upper- and lower-case alphabetic letters, numeric digits, and special symbols such as @ and # Enter the shared secret key for WPA Personal. Range: 8 - 62 characters, including upper- and lower-case alphabetic letters, numeric digits, and special symbols such as @ and # Enter a value to set the interval at which the broadcast (group) key is refreshed for clients associated to this VAP. Range: 0 - 86400 seconds (0 = broadcast key is not refreshed) 38 DWC-1000 Wireless Controller User's Guide

Section	Page
Front Page	1
Contents	2
Preface	7
Audience	7
Document Revision Level	8
Changes in this Revision	8
Related Documents	8
Document Conventions	9
Safety and Warnings	9
Typographic Conventions	9
1. Product Overview	10
Features and Benefits	11
Scalable architecture with stacking and redundancy	11
Centralized management and configuration	11
Security	11
2. Unpacking and Installation	12
Unpacking	13
Package Contents	13
Required Tools and Information	13
Selecting a Location	14
Front Panel Ports and LEDs	15
Rear Panel	17
Using the Reset Button	17
Bottom Panel (Default IP Address)	18
Licenses	18
Installing the Wireless Controller	18
Rack-Mounting the Wireless Controller	18
Connecting the Wireless Controller	19
Sample Applications	21
Connecting to a Secured Network	21
Authenticating to an Authentication Server	22
Logging In to a Captive Portal	24
Where to Go from Here	25
3. Basic Configuration	26
Logging In to the Web Management Interface	27
Web Management Interface Layout	30
Basic Configuration Procedures	31
Basic Configuration Step #1. Enable DHCP Server (Optional)	32
Basic Configuration Step #2. Select the Access Points to be Managed	33
Basic Configuration Step #3. Change the SSID Name and Set Up Security	35
Basic Configuration Step #4. Confirm Access Point Profile is Associated	39
Basic Configuration Step #5. Configure Captive Portal Settings	40
1. Create a captive portal group	40
2. Add captive portal users	41
3. Associate the captive portal group to an interface	44
4. Customize the captive portal login page	45
Basic Configuration Step #6. Use SSID with RADIUS	48
Where to Go from Here	48
4. Advanced Configuration Settings	49
QoS Configuration	50
Enabling QoS Mode	50
Defining DSCP and CoS Settings	52
Configuring DSCP Priorities	52
Configuring CoS Priorities	53
VLANs	56
Enabling VLANs	56
Creating VLANs	57
Editing VLANs	59
Deleting VLANs	61
Port VLANs	62
MultiVLAN Subnets	63
DMZ Settings	66
Configuring a Port to Operate as a DMZ	66
Configuring DMZ Settings	67
Static Routing	69
Adding a Static Route	69
Editing Static Routes	71
Deleting Static Routes	72
Auto-Failover Settings	73
Load Balancing Settings	75
Additional Advanced Configuration Settings	77
5. Securing Your Network	79
Managing Clients	80
Viewing Known Clients and Adding Clients	80
Editing Clients	83
Deleting Clients	84
Content Filtering	85
Enabling Content Filtering	85
Specifying Approved URLs	86
Specifying Blocked Keywords	88
Exporting Web Filters	89
Additional Security Settings	91
6. VPN Settings	92
Configuring VPN Clients	93
Configuring IPsec Policies	95
Adding IPsec Policies	95
Example of a Manual Policy	103
Editing IPsec Policies	104
Enabling IPsec Policies	105
Disabling IPsec Policies	106
Exporting IPsec Policies	107
Deleting IPsec Policies	108
Mode Config Settings	109
DHCP Range	112
PPTP/LT2P Tunnels	113
PPTP Tunnel Support	113
Configuring PPTP Clients	113
Configuring PPTP Servers	114
L2TP Tunnel Support	118
OpenVPN Support	121
Additional VPN Settings	123
7. Viewing Status and Statistics	124
Viewing CPU and Memory Utilization	126
Viewing System Status	128
Viewing Managed Access Point Information	130
Viewing Cluster Information	132
Viewing Hardware and Usage Statistics	134
Wired Port Statistics	136
Managed Access Points and Associated Clients Statistics	137
LAN-Associated Clients	139
WLAN-Associated Clients	141
Sessions through the Wireless Controller	142
Associated Clients	143
LAN Clients	145
Detected Clients	146
Access Point Status	148
Access Point Summary	150
Managed Access Point	152
Authentication Failure Status	154
AP RF Scan Status	156
Global Status	158
Peer Controller Status	161
Peer Controller Configuration Status	163
Peer Controller Managed AP Status	164
IP Discovery	166
Configuration Receive Status	168
AP Hardware Capability	170
Client Status	171
Associated Client Status	173
Associated Client SSID Status	175
Associated Client VAP Status	177
Controller Associated Client Status	179
Detected Client Status	181
Pre-Authorization History	183
Detected Client Roam History	184
8. Maintenance	185
Group Management	186
Adding User Groups	186
Editing User Groups	189
Deleting User Groups	189
Configuring Login Policies	190
Configuring Browser Policies	191
Configuring IP Policies	193
User Management	196
Adding Users Manually	196
Importing Users	198
Editing Users	199
Deleting Users	200
Backing Up Configuration Settings	201
Restoring Configuration Settings	202
Restoring Factory Default Settings	203
Rebooting the Wireless Controller	204
Upgrading Firmware	205
Access Point Firmware Upgrade	205
Wireless Controller Firmware Upgrade	206
Activating Licenses	208
Using the Command Line Interface	210
9. Troubleshooting	211
LED Troubleshooting	212
Power LED is OFF	212
LAN Port LEDs Not ON	212
Troubleshooting the Web Management Interface	213
Using the Reset Button to Restore Default Settings	213
Problems with Date and Time	214
Discovery Problems with Access Points	214
Connection Problems	214
Network Performance and Rogue Access Point Detection	215
Using Diagnostic Tools on the Wireless Controller	215
Pinging an IP Address	215
Using Traceroute	216
Performing DNS Lookups	217
Capturing Log Packets	218
Checking Log Settings	219
Defining What to Log	219
Tracking Traffic	221
Accepted Packets Example	222
Dropped Packets Example	222
Remote Logging	223
Wireless Controller Event Log	226
IPsec VPN Log Messages	227
(USA and Canada Only)	235
Appendix D. Limited Lifetime Warranty	235

Match case Limit results 1 per page

Basic Configuration

DWC-1000 Wireless Controller User’s Guide

Table

3-5. WPA/WPA/2 Page Settings

Field

Description

Security

If you select WPA for Security, the following two additional security options are displayed.

•

WPA/WPA2 Personal = uses static key management. You manually configure the same keys

to encrypt data on both the wireless client and the access point. WPA/WPA2 Enterprise uses a

RADIUS server and dynamically generated keys to encrypt client-to- access point traffic. WPA

Enterprise is more secure than WPA Personal, but you need a RADIUS server to manage the

keys.

•

WPA Enterprise = more secure than WPA Personal, but you need a RADIUS server to

manage the keys. If you click this option, the screen refreshes and the WPA Key Type and

WPA Key fields are hidden. The access point uses the global RADIUS server or the RADIUS

server you specified for the wireless network.

WPA Versions

Select the types of client stations you want to support. Choices are:

WPA = if all client stations on the network support the original WPA but none supports WPA2,

select WPA.

WPA2 = if all client stations on the network support WPA2, use WPA2, which provides the best

security per the IEEE 802.11i standard.

WPA and WPA2 = if you have a mix of clients that support WPA2 or WPA, select both boxes.

This lets both WPA and WPA2 client stations associate and authenticate, but uses the more

robust WPA2 for clients who support it. This WPA configuration allows more interoperability, at

the expense of some security.

WPA Ciphers

Select the cipher suite you want to use. Choices are:

•

TKIP

•

CCMP (AES)

•

TKIP and CCMP (AES)

Both TKIP and AES clients can associate with the access point. WPA clients must have a valid

TKIP key or AES-CCMP key to associate with the access point.

802.11n clients cannot use the TKIP cipher. If you enable TKIP only, 802.11 clients cannot

authenticate with the network.

WPA Key Type

Enter a WPA key type.

Range: ASCII, including upper- and lower-case alphabetic letters, numeric digits, and special

symbols such as @ and #

WPA Key

Enter the shared secret key for WPA Personal.

Range: 8 – 62 characters, including upper- and lower-case alphabetic letters, numeric digits, and

special symbols such as @ and #

Bcast Key Refresh Rate (seconds)

Enter a value to set the interval at which the broadcast (group) key is refreshed for clients

associated to this VAP.

Range: 0 - 86400 seconds (0 = broadcast key is not refreshed)