Home » Netgear Manuals » Wireless » Netgear WAC730-Business » Manual Viewer

Netgear WAC730-Business User Manual - Page 50

Manage MAC Address Filter Profiles in the Local MAC Address Database

View all Netgear WAC730-Business manuals

Add to My Manuals
Save this manual to your list of manuals

Page 50 highlights

Dual-Band Wireless AC Access Point WAC720 and WAC730 User Manual (Continued) Setting Descriptions Secondary Accounting Server IPv4 Address or IPv6 Address Enter the IP address of the secondary RADIUS server for accounting. The secondary RADIUS server is used when the primary RADIUS server is not available. Port Enter the number of the UDP port on the access point that is used to access the secondary RADIUS server for accounting. The default port number is 1813. Shared Secret Enter the shared key that is used between the access point and the secondary RADIUS server during the accounting process. Authentication Settings Reauthentication The interval in seconds after which the supplicant is reauthenticated with the RADIUS server. Time (secs) The default interval is 3600 seconds (1 hour). Enter 0 to disable reauthentication. Update Global Select the check box to allow the global key update, and enter the interval in seconds. The check Key Every box is selected by default, and the default interval is 1800 seconds (30 minutes). Clear the check (secs) box to prevent the global key update. 6. Click the Apply button. Your settings are saved. For information about assigning the configured RADIUS server to a WiFi security profile for MAC address authentication, see step 7 in Configure and Enable WiFi Security Profiles on page 39. Manage MAC Address Filter Profiles in the Local MAC Address Database For increased security, you can restrict access to an SSID by allowing access to only specific computers or WiFi stations based on their MAC addresses. You can restrict access to only trusted computers so that unknown computers cannot connect over WiFi to the access point. MAC address filtering adds an obstacle against unwanted access to your network, but the data broadcast over the WiFi link is fully exposed if you do not also implement WiFi security. Before you can implement MAC address filtering, you must add one or more MAC address filter profiles (which is described in this section) and then assign the profile to a WiFi security profile (see Configure and Enable WiFi Security Profiles on page 39). You can assign the same MAC address filter profile to multiple WiFi security profiles, or you can set up different MAC address filter profiles for different WiFi security profiles. You can manually add MAC addresses to the MAC address filter profile and you can import a list of trusted MAC addresses. The file that you import must satisfy the following requirements: • The file must be a plain-text file with a .txt or .cfg extension. • Entries in the file must be MAC addresses in hexadecimal format with each octet separated by colons, for example 00:11:22:33:44:55. • Entries must be separated with a single space. • The file must contain only MAC addresses, no other information. Configure the WiFi Features and Security 50

Section	Page
Contents	4
1. Introduction and Hardware Overview	8
Unpack Your Access Point	9
Top Panel	9
Rear Panel	10
Access Point Label	11
2. Initial Setup	12
What You Need Before You Begin	13
System Requirements	13
WiFi Equipment Placement and Range Guidelines	13
Ethernet Cabling Requirements	14
LAN Configuration Requirements	14
Hardware Requirements for Computers on Your LAN	14
Operating Frequency Guidelines	14
Requirements for Entering IP Addresses	14
IPv4	14
IPv6	15
Install and Configure the Access Point	15
Connect the Access Point to a Computer	15
Log In to the Access Point	16
Log In to the Access Point When It Is Directly Connected to Your Computer	17
Log In to the Access Point When It Is Connected to a Network With a DHCP Server	18
Local Browser Interface	18
Disable Business Central Mode for a Standalone Access Point	19
Configure Basic General System Settings	20
Configure Time Settings	22
Configure the IPv4 Settings	23
Configure the Basic WiFi Settings	24
Configure 802.11bg/ng/bgn WiFi Settings	24
Configure 802.11a/a-na-ac WiFi Settings	27
Test Basic WiFi Connectivity	29
Mount the Access Point	30
Package Content of the Ceiling and Wall Installation Kit	30
Mount the Access Point to a Drop Ceiling	30
Mount the Access Point to a Wall	33
3. Configure the WiFi Features and Security	36
WiFi Data Security Options	37
WiFi Security Profiles	38
Configure and Enable WiFi Security Profiles	39
About WPA2-PSK and WPA-PSK & WPA2-PSK	46
About WPA2 With RADIUS and WPA & WPA2 With RADIUS	47
Change the QoS Policy for a WiFi Security Profile	47
Configure RADIUS Server Settings	48
Manage MAC Address Filter Profiles in the Local MAC Address Database	50
Add a MAC Address Filter Profile	51
Modify a MAC Address Filter Profile	52
Delete a MAC Address Filter Profile	53
Enable Rogue AP Detection and Monitor Rogue APs	53
Enable Rogue AP Detection	54
Monitor Rogue APs	55
Monitor Knows APs	56
Schedule the WiFi Radios to Be Turned Off	57
Configure Basic WiFi Quality of Service	59
4. Manage and Monitor the Access Point	61
Enable Remote Management	62
SNMP Management	62
Secure Shell and Telnet Management	63
Manage the Access Point over a Telnet Connection	64
Upgrade the Access Point Firmware	65
Upgrade the Firmware Over a Web Browser	65
Upgrade the Firmware Over a TFTP Server	66
Manage the Configuration File or Reset to Factory Defaults	67
Save the Configuration	68
Restore the Configuration	68
Restore the Access Point to the Factory Default Settings	69
Use the Local Browser Interface to Restore Factory Default Settings	70
Use the Reset Button to Restore Factory Default Settings	70
Reboot the Access Point Without Restoring the Default Configuration	71
Change the Administrator Password	72
Manage User Accounts	73
Add a New User Account	73
Change the Name for a User Account	74
Change the Privilege for a User Account	75
Reset the Password for a User Account	75
Delete a User Account	76
Enable the Syslog Server	76
Monitor the Access Point	77
View System Information	78
View Dashboard Information	80
View the Standalone Dashboard	80
View the Ensemble Dashboard	81
Monitor WiFi Clients	83
View the Activity Logs	85
View the Traffic Statistics	86
Set Up, Manage, and Monitor Ensembles	87
Configure Enable Ensemble Mode	88
Manage an Ensemble	88
Specify an Ensemble Management IP Address	89
Configure Ensemble Security With a Passphrase	89
Specify an Ensemble’s Channel Assignment Settings	90
Manage Automatic Channel Assignment for an Ensemble	91
Upgrade the Firmware of Ensemble Members From a Downloaded Firmware File	93
Upgrade the Firmware of Ensemble Members Over a TFTP Server	95
Monitor an Ensemble	96
Monitor the Status of the Ensemble	96
Monitor the Devices Connected to the Ensemble	97
Monitor the Access Points and Networks Neighboring the Ensemble	98
5. Configure Advanced Network and WiFi Features	100
Configure IPv6 Settings	101
Configure Spanning Tree Protocol, 802.1Q VLAN, and Link Layer Discovery Protocol	102
Configure STP and VLANs	102
Configure Ethernet LLDP	104
Configure Bonjour	105
Configure Advanced WiFi Settings	106
Configure Advanced Quality of Service Settings	109
Configure and Manage Quality of Service Policies	112
Configure a New QoS Policy	112
Modify a QoS Policy	117
Delete a QoS Policy	118
Configure Load Balancing	118
Manage Captive Portals	120
Enable the Access Point to Register With Facebook	121
Specify Captive Portal Profile Settings and Enable the Captive Portal Instance	121
Set Up Facebook Wi-Fi for a Captive Portal Profile	124
Add User Accounts to the Local Database for Captive Portal Access	126
Upload a Custom Logo	128
Configure a Default or Custom Captive Portal Splash Page	129
Enable the Global Captive Portal Mode	131
Configure WiFi Bridging	132
Point-to-Point Bridge and Point-to-Multipoint Bridge	132
Configure a WiFi Bridge	133
6. Troubleshooting	136
Troubleshoot the Basic Functions	137
Verify the Correct Sequence of Events at Startup	137
No LEDs Are Lit on the Access Point	137
The Active LED or the LAN LED Is Not Lit	138
The WLAN LED Does Not Light	138
You Cannot Access the Internet or the LAN From a WiFi Computer	138
You Cannot Configure the Access Point From a Browser	139
When You Enter a URL or IP Address a Time-Out Error Occurs	140
Troubleshoot a TCP/IP Network Using the Ping Utility	140
Test the LAN Path to Your Access Point	140
Test the Path from Your Computer to a Remote Device	141
Problems With Date and Time	141
Use the Packet Capture Tool	142
A. Configure the Access Point in Business Central Mode	143
Enable Business Central Mode	144
Configure the IP and 802.1Q VLAN Settings in Business Central Mode	145
Reboot the Access Point in Business Central Mode	146
Reset the Access Point in Business Central Mode to Factory Default Settings	147
Upgrade Access Point Firmware in Business Central Mode	148
Configure MAC Authentication in Business Central Mode	148
Add a MAC Address Filter Profile on an Access Point in Business Central Mode	149
Assign a MAC Address Filter Profile on an Access Point in Business Central Mode	151
Modify a MAC Address Filter Profile on an Access Point in Business Central Mode	153
Delete a MAC Address Filter Profile on an Access Point in Business Central Mode	154
Monitor the Access Point in Business Central Mode	154
View the Activity Logs of an Access Point in Business Central Mode	155
View Basic Information About the Access Point In Business Central Mode	156
B. Supplemental Information	157
Technical Specifications	158

Match case Limit results 1 per page

(Continued)

Descriptions

Setting

Enter the IP address of the secondary RADIUS server for

accounting. The secondary RADIUS server is used when the

primary RADIUS server is not available.

IPv4 Address or IPv6 Address

Secondary

Accounting

Server

Enter the number of the UDP port on the access point that is

used to access the secondary RADIUS server for accounting.

The default port number is 1813.

Port

Enter the shared key that is used between the access point and

the secondary RADIUS server during the accounting process.

Shared Secret

Authentication Settings

The interval in seconds after which the supplicant is reauthenticated with the RADIUS server.

The default interval is 3600 seconds (1 hour). Enter 0 to disable reauthentication.

Reauthentication

Time (secs)

Select the check box to allow the global key update, and enter the interval in seconds.The check

box is selected by default, and the default interval is 1800 seconds (30 minutes). Clear the check

box to prevent the global key update.

Update Global

Key Every

(secs)

Click the

Apply

button.

Your settings are saved.

For information about assigning the configured RADIUS server to a WiFi security profile for MAC address

authentication, see step 7 in

Configure and Enable WiFi Security Profiles

on page 39.

Manage MAC Address Filter Profiles in the Local MAC

Address Database

For increased security, you can restrict access to an SSID by allowing access to only specific computers or

WiFi stations based on their MAC addresses.You can restrict access to only trusted computers so that

unknown computers cannot connect over WiFi to the access point. MAC address filtering adds an obstacle

against unwanted access to your network, but the data broadcast over the WiFi link is fully exposed if you

do not also implement WiFi security.

Before you can implement MAC address filtering, you must add one or more MAC address filter profiles

(which is described in this section) and then assign the profile to a WiFi security profile (see

Configure and

Enable WiFi Security Profiles

on page 39).You can assign the same MAC address filter profile to multiple

WiFi security profiles, or you can set up different MAC address filter profiles for different WiFi security profiles.

You can manually add MAC addresses to the MAC address filter profile and you can import a list of trusted

MAC addresses. The file that you import must satisfy the following requirements:

•

The file must be a plain-text file with a .txt or .cfg extension.

•

Entries in the file must be MAC addresses in hexadecimal format with each octet separated by colons,

for example 00:11:22:33:44:55.

•

Entries must be separated with a single space.

•

The file must contain only MAC addresses, no other information.

Configure the WiFi Features and Security

Dual-Band Wireless AC Access Point WAC720 and WAC730 User Manual