Home » Netgear Manuals » Wireless » Netgear WAC730-Business » Manual Viewer

Netgear WAC730-Business User Manual - Page 47

About WPA2 With RADIUS and WPA & WPA2 With RADIUS, Change the QoS Policy for a WiFi Security Profile

View all Netgear WAC730-Business manuals

Add to My Manuals
Save this manual to your list of manuals

Page 47 highlights

Dual-Band Wireless AC Access Point WAC720 and WAC730 User Manual Table 2. Security and encryption options for WPA2-PSK and WPA-PSK & WPA2-PSK (Continued) Setting Passphrase Show Passphrase in Clear Text Descriptions Enter a passphrase. The passphrase length must be between 8 and 63 characters (inclusive). The default passphrase is sharedsecret. You can display the actual passphrase by selecting the Show Passphrase in Clear Text Yes radio button. Select the Yes radio button to display the actual passphrase in the Passphrase field. The default setting is No. About WPA2 With RADIUS and WPA & WPA2 With RADIUS WPA2 and WPA & WPA2 security require RADIUS-based 802.1x authentication, so you also must define RADIUS server settings. For information about RADIUS servers, see Configure RADIUS Server Settings on page 48. The selections that are available from the Data Encryption menu depend on the type of WPA authentication that you select from the Network Authentication menu and are shown in the following table. Table 3. Encryption options for WPA with RADIUS and WPA & WPA2 with RADIUS Setting AES TKIP + AES Descriptions Advanced Encryption Standard (AES) is the standard encryption method used with WPA2. Although some WiFi clients might support AES with WPA, the WAC720 and WAC730 access points do not support WPA with AES. The TKIP + AES encryption method is supported both for WPA and WPA2. Broadcast packets use TKIP. For unicast (point-to-point) transmissions, WPA clients use TKIP, and WPA2 clients use AES. For the WPA & WPA2 mixed mode, TKIP + AES is the only supported data encryption method. Change the QoS Policy for a WiFi Security Profile To change the QoS policy for a WiFi security profile: 1. Open a web browser from a computer that is connected to the same network as the access point or to the access point directly through an Ethernet cable. For more information, see Log In to the Access Point on page 16. 2. In the address bar, enter the IP address of the access point. A login window opens. 3. Enter the user name and password. The user name is admin. The default password is password. The user name and password are case-sensitive. 4. Select Configuration > Security > Profile Settings. Configure the WiFi Features and Security 47

Section	Page
Contents	4
1. Introduction and Hardware Overview	8
Unpack Your Access Point	9
Top Panel	9
Rear Panel	10
Access Point Label	11
2. Initial Setup	12
What You Need Before You Begin	13
System Requirements	13
WiFi Equipment Placement and Range Guidelines	13
Ethernet Cabling Requirements	14
LAN Configuration Requirements	14
Hardware Requirements for Computers on Your LAN	14
Operating Frequency Guidelines	14
Requirements for Entering IP Addresses	14
IPv4	14
IPv6	15
Install and Configure the Access Point	15
Connect the Access Point to a Computer	15
Log In to the Access Point	16
Log In to the Access Point When It Is Directly Connected to Your Computer	17
Log In to the Access Point When It Is Connected to a Network With a DHCP Server	18
Local Browser Interface	18
Disable Business Central Mode for a Standalone Access Point	19
Configure Basic General System Settings	20
Configure Time Settings	22
Configure the IPv4 Settings	23
Configure the Basic WiFi Settings	24
Configure 802.11bg/ng/bgn WiFi Settings	24
Configure 802.11a/a-na-ac WiFi Settings	27
Test Basic WiFi Connectivity	29
Mount the Access Point	30
Package Content of the Ceiling and Wall Installation Kit	30
Mount the Access Point to a Drop Ceiling	30
Mount the Access Point to a Wall	33
3. Configure the WiFi Features and Security	36
WiFi Data Security Options	37
WiFi Security Profiles	38
Configure and Enable WiFi Security Profiles	39
About WPA2-PSK and WPA-PSK & WPA2-PSK	46
About WPA2 With RADIUS and WPA & WPA2 With RADIUS	47
Change the QoS Policy for a WiFi Security Profile	47
Configure RADIUS Server Settings	48
Manage MAC Address Filter Profiles in the Local MAC Address Database	50
Add a MAC Address Filter Profile	51
Modify a MAC Address Filter Profile	52
Delete a MAC Address Filter Profile	53
Enable Rogue AP Detection and Monitor Rogue APs	53
Enable Rogue AP Detection	54
Monitor Rogue APs	55
Monitor Knows APs	56
Schedule the WiFi Radios to Be Turned Off	57
Configure Basic WiFi Quality of Service	59
4. Manage and Monitor the Access Point	61
Enable Remote Management	62
SNMP Management	62
Secure Shell and Telnet Management	63
Manage the Access Point over a Telnet Connection	64
Upgrade the Access Point Firmware	65
Upgrade the Firmware Over a Web Browser	65
Upgrade the Firmware Over a TFTP Server	66
Manage the Configuration File or Reset to Factory Defaults	67
Save the Configuration	68
Restore the Configuration	68
Restore the Access Point to the Factory Default Settings	69
Use the Local Browser Interface to Restore Factory Default Settings	70
Use the Reset Button to Restore Factory Default Settings	70
Reboot the Access Point Without Restoring the Default Configuration	71
Change the Administrator Password	72
Manage User Accounts	73
Add a New User Account	73
Change the Name for a User Account	74
Change the Privilege for a User Account	75
Reset the Password for a User Account	75
Delete a User Account	76
Enable the Syslog Server	76
Monitor the Access Point	77
View System Information	78
View Dashboard Information	80
View the Standalone Dashboard	80
View the Ensemble Dashboard	81
Monitor WiFi Clients	83
View the Activity Logs	85
View the Traffic Statistics	86
Set Up, Manage, and Monitor Ensembles	87
Configure Enable Ensemble Mode	88
Manage an Ensemble	88
Specify an Ensemble Management IP Address	89
Configure Ensemble Security With a Passphrase	89
Specify an Ensemble’s Channel Assignment Settings	90
Manage Automatic Channel Assignment for an Ensemble	91
Upgrade the Firmware of Ensemble Members From a Downloaded Firmware File	93
Upgrade the Firmware of Ensemble Members Over a TFTP Server	95
Monitor an Ensemble	96
Monitor the Status of the Ensemble	96
Monitor the Devices Connected to the Ensemble	97
Monitor the Access Points and Networks Neighboring the Ensemble	98
5. Configure Advanced Network and WiFi Features	100
Configure IPv6 Settings	101
Configure Spanning Tree Protocol, 802.1Q VLAN, and Link Layer Discovery Protocol	102
Configure STP and VLANs	102
Configure Ethernet LLDP	104
Configure Bonjour	105
Configure Advanced WiFi Settings	106
Configure Advanced Quality of Service Settings	109
Configure and Manage Quality of Service Policies	112
Configure a New QoS Policy	112
Modify a QoS Policy	117
Delete a QoS Policy	118
Configure Load Balancing	118
Manage Captive Portals	120
Enable the Access Point to Register With Facebook	121
Specify Captive Portal Profile Settings and Enable the Captive Portal Instance	121
Set Up Facebook Wi-Fi for a Captive Portal Profile	124
Add User Accounts to the Local Database for Captive Portal Access	126
Upload a Custom Logo	128
Configure a Default or Custom Captive Portal Splash Page	129
Enable the Global Captive Portal Mode	131
Configure WiFi Bridging	132
Point-to-Point Bridge and Point-to-Multipoint Bridge	132
Configure a WiFi Bridge	133
6. Troubleshooting	136
Troubleshoot the Basic Functions	137
Verify the Correct Sequence of Events at Startup	137
No LEDs Are Lit on the Access Point	137
The Active LED or the LAN LED Is Not Lit	138
The WLAN LED Does Not Light	138
You Cannot Access the Internet or the LAN From a WiFi Computer	138
You Cannot Configure the Access Point From a Browser	139
When You Enter a URL or IP Address a Time-Out Error Occurs	140
Troubleshoot a TCP/IP Network Using the Ping Utility	140
Test the LAN Path to Your Access Point	140
Test the Path from Your Computer to a Remote Device	141
Problems With Date and Time	141
Use the Packet Capture Tool	142
A. Configure the Access Point in Business Central Mode	143
Enable Business Central Mode	144
Configure the IP and 802.1Q VLAN Settings in Business Central Mode	145
Reboot the Access Point in Business Central Mode	146
Reset the Access Point in Business Central Mode to Factory Default Settings	147
Upgrade Access Point Firmware in Business Central Mode	148
Configure MAC Authentication in Business Central Mode	148
Add a MAC Address Filter Profile on an Access Point in Business Central Mode	149
Assign a MAC Address Filter Profile on an Access Point in Business Central Mode	151
Modify a MAC Address Filter Profile on an Access Point in Business Central Mode	153
Delete a MAC Address Filter Profile on an Access Point in Business Central Mode	154
Monitor the Access Point in Business Central Mode	154
View the Activity Logs of an Access Point in Business Central Mode	155
View Basic Information About the Access Point In Business Central Mode	156
B. Supplemental Information	157
Technical Specifications	158

Match case Limit results 1 per page

Table 2. Security and encryption options for WPA2-PSK and WPA-PSK & WPA2-PSK

(Continued)

Descriptions

Setting

Enter a passphrase. The passphrase length must be between 8 and 63 characters

(inclusive). The default passphrase is sharedsecret.

You can display the actual passphrase by selecting the

Show Passphrase in Clear

Text Yes

radio button.

Passphrase

Select the Yes radio button to display the actual passphrase in the

Passphrase

field.

The default setting is No.

Show Passphrase in Clear

Text

About WPA2 With RADIUS and WPA & WPA2 With RADIUS

WPA2 and WPA & WPA2 security require RADIUS-based 802.1x authentication, so you also must define

RADIUS server settings. For information about RADIUS servers, see

Configure RADIUS Server Settings

on page 48.

The selections that are available from the

Data Encryption

menu depend on the type of WPA authentication

that you select from the

Network Authentication

menu and are shown in the following table.

Table 3. Encryption options for WPA with RADIUS and WPA & WPA2 with RADIUS

Descriptions

Setting

Advanced Encryption Standard (AES) is the standard encryption method used with WPA2.

Although some WiFi clients might support AES with WPA, the WAC720 and WAC730 access

points do not support WPA with AES.

AES

The TKIP + AES encryption method is supported both for WPA and WPA2. Broadcast packets

use TKIP. For unicast (point-to-point) transmissions, WPA clients use TKIP, and WPA2 clients

use AES. For the WPA & WPA2 mixed mode, TKIP + AES is the only supported data encryption

method.

TKIP + AES

Change the QoS Policy for a WiFi Security Profile

To change the QoS policy for a WiFi security profile:

Open a web browser from a computer that is connected to the same network as the access point or to

the access point directly through an Ethernet cable.

For more information, see

on page 16.

In the address bar, enter the IP address of the access point.

A login window opens.

Enter the user name and password.

The user name is

admin

. The default password is

password

. The user name and password are

case-sensitive.

Select

Configuration > Security > Profile Settings

Configure the WiFi Features and Security

Dual-Band Wireless AC Access Point WAC720 and WAC730 User Manual