Home » ZyXEL Manuals » Networking » ZyXEL NWA1100 » Manual Viewer

ZyXEL NWA1100 User Guide - Page 25

Ways to Manage the NWA, 1.4 Configuring Your NWA’s Security Features - n default password

Get ZyXEL NWA1100 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 25 highlights

Chapter 1 Introducing the NWA 1.3 Ways to Manage the NWA Use any of the following methods to manage the NWA. • Web Configurator. This is recommended for everyday management of the NWA using a (supported) web browser. • Command Line Interface. Line commands are mostly used for troubleshooting by service engineers. • FTP (File Transfer Protocol) for firmware upgrades. • SNMP (Simple Network Management Protocol). The device can be monitored by an SNMP manager. 1.4 Configuring Your NWA's Security Features Your NWA comes with a variety of security features. This section summarizes these features and provides links to sections in the User's Guide to configure security settings on your NWA. Follow the suggestions below to improve security on your NWA and network. 1.4.1 Control Access to Your Device Ensure only people with permission can access your NWA. • Control physical access by locating devices in secure areas, such as locked rooms. Most NWAs have a reset button. If an unauthorized person has access to the reset button, they can then reset the device's password to its default password, log in and reconfigure its settings. • Change any default passwords on the NWA, such as the password used for accessing the NWA's web configurator (if it has a web configurator). Use a password with a combination of letters and numbers and change your password regularly. Write down the password and put it in a safe place. • Avoid setting a long timeout period before the NWA's web configurator automatically times out. A short timeout reduces the risk of unauthorized person accessing the web configurator while it is left idle. • See Chapter 5 on page 55 for instructions on changing your password and setting the timeout period. • Configure remote management to control who can manage your NWA. See Chapter 12 on page 109 for more information. If you enable remote management, ensure you have enabled remote management only on the IP addresses, services or interfaces you intended and that other remote management settings are disabled. 1.4.2 Wireless Security Wireless devices are especially vulnerable to attack. If your NWA has a wireless function, take the following measures to improve wireless security. • Enable wireless security on your NWA. Choose the most secure encryption method that all devices on your network support. See Section 8.4 on page 87 for directions on configuring encryption. If you have a RADIUS server, enable IEEE 802.1x or WPA(2) user identification on your network so users must log in. This method is more common in business environments. NWA1100-N User's Guide 25

Section	Page
NWA1100-N	1
About This User's Guide	3
Document Conventions	5
Safety Warnings	7
Contents Overview	9
Table of Contents	11
User’s Guide	17
Introducing the NWA	19
1.1 Introducing the NWA	19
1.2 Applications for the NWA	19
1.2.1 Access Point	20
1.2.2 Bridge / Repeater	20
1.2.3 AP + Bridge	22
1.2.4 Wireless Client	23
1.2.5 MBSSID	24
1.3 Ways to Manage the NWA	25
1.4 Configuring Your NWA’s Security Features	25
1.4.1 Control Access to Your Device	25
1.4.2 Wireless Security	25
1.5 Good Habits for Managing the NWA	26
1.6 Hardware Connections	26
1.7 LEDs	27
Introducing the Web Configurator	29
2.1 Accessing the Web Configurator	29
2.2 Resetting the NWA	30
2.2.1 Methods of Restoring Factory-Defaults	30
2.3 Navigating the Web Configurator	30
Status Screens	33
3.1 The Status Screen	33
3.1.1 System Statistics Screen	35
Tutorial	37
4.1 How to Configure the Wireless LAN	37
4.1.1 Choosing the Wireless Mode	37
4.1.2 Wireless LAN Configuration Overview	37
4.1.3 Further Reading	38
4.2 How to Configure Multiple Wireless Networks	39
4.2.1 Configure the SSID Profiles	40
4.2.2 Configure the Standard Network	42
4.2.3 Configure the VoIP Network	43
4.2.4 Configure the Guest Network	45
4.2.5 Testing the Wireless Networks	46
4.3 NWA Setup in AP and Wireless Client Modes	47
4.3.1 Scenario	47
4.3.2 Configuring the NWA in Access Point Mode	47
4.3.3 Configuring the NWA in Wireless Client Mode	50
4.3.4 MAC Filter Setup	51
4.3.5 Testing the Connection and Troubleshooting	52
Technical Reference	53
System Screens	55
5.1 Overview	55
5.2 What You Can Do in this Chapter	55
5.3 What You Need To Know	55
5.4 General Screen	57
5.4.1 Password Screen	57
5.5 Time Screen	58
5.6 Technical Reference	59
5.6.1 Pre-defined NTP Time Servers List	59
Wireless Settings Screen	60
6.1 Overview	60
6.2 What You Can Do in this Chapter	60
6.3 What You Need To Know	61
6.4 Wireless Settings Screen	62
6.4.1 Access Point Mode	63
6.4.2 Bridge / Repeater Mode	65
6.4.3 AP + Bridge Mode	69
6.4.4 Wireless Client Mode	70
6.4.5 MBSSID Mode	73
6.5 Technical Reference	75
6.5.1 WMM QoS	75
6.5.2 Spanning Tree Protocol (STP)	76
6.5.3 Additional Wireless Terms	77
SSID Screen	79
7.1 Overview	79
7.1.1 What You Can Do in this Chapter	79
7.1.2 What You Need To Know	79
7.2 The SSID Screen	80
7.2.1 Configuring SSID	81
7.3 Technical Reference	82
7.3.1 WMM QoS	82
7.3.2 Type Of Service (ToS)	83
Wireless Security Screen	85
8.1 Overview	85
8.2 What You Can Do in this Chapter	85
8.3 What You Need To Know	86
8.4 The Security Screen	87
8.4.1 Security: WEP	89
8.4.2 Security: 802.1x Only	90
8.4.3 Security: 802.1x Static 64-bit, 802.1x Static 128-bit, 802.1x Static 152- bit	92
8.4.4 Security: WPA	93
8.4.5 Security: WPA2 or WPA2-MIX	95
8.4.6 Security: WPA-PSK, WPA2-PSK, WPA2-PSK-MIX	97
8.5 Technical Reference	98
RADIUS Screen	99
9.1 Overview	99
9.2 What You Can Do in this Chapter	99
9.3 What You Need to Know	99
9.4 The RADIUS Screen	100
MAC Filter Screen	102
10.1 Overview	102
10.2 What You Can Do in this Chapter	102
10.3 What You Need To Know	102
10.4 MAC Filter Screen	103
IP Screen	105
11.1 Overview	105
11.2 What You Can Do in this Chapter	105
11.3 What You Need to Know	105
11.4 IP Screen	106
11.5 Technical Reference	107
11.5.1 WAN IP Address Assignment	107
11.5.2 Spanning Tree Protocol (STP)	107
Remote Management	109
12.1 Overview	109
12.2 What You Can Do in this Chapter	109
12.3 What You Need To Know	110
12.4 The Telnet Screen	112
12.5 The FTP Screen	112
12.6 The WWW Screen	113
12.7 The SNMP Screen	115
12.8 Technical Reference	116
12.8.1 MIB	116
12.8.2 Supported MIBs	116
12.8.3 SNMP Traps	117
Certificate Screen	119
13.1 Overview	119
13.2 What You Can Do in this Chapter	119
13.3 What You Need To Know	119
13.4 Certificate Screen	120
13.5 Technical Reference	120
13.5.1 Private-Public Certificates	120
13.5.2 Certification Authorities	121
13.5.3 Checking the Fingerprint of a Certificate on Your Computer	121
Log Screens	123
14.1 Overview	123
14.2 What You Can Do in this Chapter	123
14.3 What You Need To Know	124
14.4 View Log Screen	124
14.5 Log Settings Screen	125
Maintenance	129
15.1 Overview	129
15.2 What You Can Do in this Chapter	129
15.3 What You Need To Know	129
15.4 Association List Screen	129
15.5 Channel Usage Screen	130
15.6 F/W Upload Screen	131
15.7 Configuration File Screen	133
15.7.1 Backup Configuration	133
15.7.2 Restore Configuration	133
15.7.3 Back to Factory Defaults	135
15.8 Restart Screen	135
Troubleshooting	137
16.1 Power, Hardware Connections, and LEDs	137
16.2 NWA Access and Login	138
16.3 Internet Access	139
Product Specifications	141
Power over Ethernet (PoE) Specifications	142
Setting Up Your Computer’s IP Address	143
Pop-up Windows, JavaScript and Java Permissions	171
IP Addresses and Subnetting	183
Wireless LANs	191
Text File Based Auto Configuration	205
Open Software Announcements	207
Legal Information	237

Match case Limit results 1 per page

Chapter 1 Introducing the NWA

NWA1100-N User’s Guide

1.3

Ways to Manage the NWA

Use any of the following methods to manage the NWA.

•

Web Configurator. This is recommended for everyday management of the NWA using a

(supported) web browser.

•

Command Line Interface. Line commands are mostly used for troubleshooting by service

engineers.

•

FTP (File Transfer Protocol) for firmware upgrades.

•

SNMP (Simple Network Management Protocol). The device can be monitored by an SNMP

manager.

1.4

Configuring Your NWA’s Security Features

Your NWA comes with a variety of security features. This section summarizes these features and

provides links to sections in the User’s Guide to configure security settings on your NWA. Follow the

suggestions below to improve security on your NWA and network.

1.4.1

Control Access to Your Device

Ensure only people with permission can access your NWA.

•

Control physical access by locating devices in secure areas, such as locked rooms. Most NWAs

have a reset button. If an unauthorized person has access to the reset button, they can then

reset the device’s password to its default password, log in and reconfigure its settings.

•

Change any default passwords on the NWA, such as the password used for accessing the NWA’s

web configurator (if it has a web configurator). Use a password with a combination of letters and

numbers and change your password regularly. Write down the password and put it in a safe

place.

•

Avoid setting a long timeout period before the NWA’s web configurator automatically times out. A

short timeout reduces the risk of unauthorized person accessing the web configurator while it is

left idle.

• See

Chapter 5 on page 55

for instructions on changing your password and setting the timeout

period.

•

Configure remote management to control who can manage your NWA. See

Chapter 12 on page

109

for more information. If you enable remote management, ensure you have enabled remote

management only on the IP addresses, services or interfaces you intended and that other remote

management settings are disabled.

1.4.2

Wireless Security

Wireless devices are especially vulnerable to attack. If your NWA has a wireless function, take the

following measures to improve wireless security.

•

Enable wireless security on your NWA. Choose the most secure encryption method that all

devices on your network support. See

Section 8.4 on page 87

for directions on configuring

encryption. If you have a RADIUS server, enable IEEE 802.1x or WPA(2) user identification on

your network so users must log in. This method is more common in business environments.