Symbol Technologies WS 2000 manual System Overview, Management of Access Ports, Firewall Security

Page 7

System Overview

GUI Screen text

Indicates monitor screen dialog / output from the graphical user interface accessed from any web browser on the network.

System Overview

The WS 2000 Wireless Switch provides a low-cost, feature-rich wireless switch for sites with one to six Access Ports. The WS 2000 Wireless Switch works at the center of a network’s infrastructure to seamlessly and securely combine wireless LANs (WLANs) and wired networks. The switch sits on the network. Wireless Access Ports connect to one of the six available ports on the switch and the external wired network (WAN) connects to a single 10/100 Mbit/sec. WAN port.

Mobile units (MUs) associate with the switch via an Access Port. Once an MU contacts the switch, the switch cell controller services attempt to authenticate the device for access to the network.

The WS 2000 Wireless Switch acts as a WAN/LAN gateway and a wired/wireless switch.

Management of Access Ports

This wireless switch provides six 10/100 Mbit/sec. LAN ports for internal wired or wireless traffic. Four of these ports provide IEEE 802.3af-compliant Power over Ethernet (PoE) support for devices that require power from the Ethernet connection (such as Access Ports). Administrators can configure the six ports to communicate with a private LAN or with an Access Port for a wireless LAN (WLAN). The switch provides three extended service set identifiers (ESSIDs) for each Access Port connected to the switch.

Firewall Security

The LAN and Access Ports are placed behind a user configurable firewall that provides stateful packet inspection. The wireless switch performs network address translation (NAT) on packets passing to and from the WAN port. This combination provides enhanced security by monitoring communication with the wired network.

Wireless LAN (WLAN) Security

Administrators can configure security settings independently for each ESSID. Security settings and protocols available with this switch include:

•Kerberos

•WEP-40

•WEP-128

•802.1x with RADIUS

•802.1x with Shared Key

•KeyGuard-MCM

•WPA

Copyright © 2004 Symbol Technologies, Inc. All Rights Reserved	7
WS 2000 Wireless Switch: 1.0 Date of last Revision: March 2004

Image 7

Contents System Reference WS 2000 Wireless Switch Version72E-67701-01 Rev a March Patents CopyrightTable of Contents Chapter Advanced Configuration Chapter Field Office Example 111 About this Document WS 2000 Wireless Switch System Reference GuideDocument Conventions Firewall Security Management of Access PortsWireless LAN Wlan Security System OverviewPhysical Specifications Technical SpecificationsHardware Overview Environmental Specifications Operating System OS ServicesCell Controller Services Power SpecificationsGateway Services 802.11b Support 802.11a SupportAccess Ports WS 2000 Wireless Switch Firewall Gateway ServicesNetwork Address Translation NAT Overview Layer 3 RoutingSnmp Management Support Dhcp Client and ServerWEP 64 40-bit key 802.1x with Radius AuthenticationWEP 128 104-bit Key Kerberos Authentication 802.1x with Shared Key AuthenticationKeyGuard-MCM Support Wireless Protected Access WPASet up Communication to the Switch Installing the SwitchGetting Started Overview Getting Started Overview Changing the Administrator Password Configuring the Switch Configure the LAN InterfaceField Description Defining the SubnetsInterfaces Configure SubnetsDhcp Configuration Advanced Dhcp Settings Communicating with the Outside World Configure the WAN InterfaceSetting Up Point-to-Point over Ethernet PPPoE Communication Chap Enable Wireless LANs WLANsWireless Summary Area Access Port Adoption Configure WLANsField Description Name Configure Wlan SecuritySubnet 802.1x EAP Authentication Setting the Authentication MethodKerberos Authentication Setting the Encryption MethodConfiguring WEP Encryption Configuring WPA-TKIP Configure Wlan Security No Encryption KeyGuard-MCMMobile Unit Access Control List ACL Configure Access PortsConfigure Access Ports Name Configure Subnet AccessYellow Access Overview TableAccess Exception Area Color Access Type Description GreenHttp Protocol Transport Description Port UsedALL Transport DescriptionWLAN-How to Configure Advanced Settings Advanced ConfigurationWLAN-Setting Default Access Port Settings WLAN-Setting Default Access Port Settings Dtim Period Beacon IntervalPrimary Wlan WLAN-Advanced Access Port SettingsSecurity Beacon WLAN-Advanced Access Port Settings Beacon is a packet broadcast by the adopted access ports to Gateway-How to Configure Network Address Translation NAT Gateway-How to Configure Network Address Translation NAT Always On Firewall Filters Gateway-How to Configure the WS 2000 FirewallConfigurable Firewall Filters Mime Flood Attack Check Gateway-How to Configure Static RoutesRIP Setting the RIP ConfigurationDefining Routes No RIPNone Security-How to Configure 802.1x EAP AuthenticationRIP v2 CompatSecurity-How to Configure 802.1x EAP Authentication Security-How to Configure 802.1x EAP Authentication Security-How to Configure Kerberos Authentication Security-How to Specify a Network Time Protocol NTP Server Location Description Switch SettingsWS 2000 Wireless Switch LED Functions OverviewChanging the Name of the Switch Location field Change the Location and Country Settings of the WSUpdating the WS 2000 Wireless Switch’s Firmware How to Restart the WS 2000 Wireless SwitchPerforming the Firmware Update Checking for and Downloading Firmware updatesExporting and Importing Wireless Switch Settings System ConfigurationTo Import Settings to a Local File To Import or Export Settings to an FTP SiteTo Export Settings to a Local File How to Restore Default Configuration Settings Property Value Setting Up Snmp v1/v2c Community Definitions Remote AdministrationHow to Configure Snmp Traps Setting the Snmp Version ConfigurationAuthPriv Setting Up Snmp v3 Community DefinitionsNoAuth AuthNoPrivSetting the Trap Configuration Setting Up the Access Control ListCold Start AuthenticationConfiguration Trap Trap Name Generates a Trap when… CategorySetting the Trap Configuration for Snmp v1/v2c Setting the Trap Configuration for Snmp Configure Administrator AccessAccess Port Description Configure Management AccessStatistics and Logs Access Port StatisticsSetup AirBEAM Software Access Changing the Administrator and Manager PasswordsGeneral Access Port Information Associated Mobile Units Received and Transmitted TablesSubnet Statistics Transmitted Description Field Received Field DescriptionInterfaces WAN StatisticsReceived Field Description Viewing the Log on the Switch Setting Up and Viewing the System LogSetting Up a Log Server Background Retail Use CasesPlan Contacting the Wireless Switch Configuring the System SettingsEntering the Basic System Settings Setting Access Control IP Address Plan Configuring the SubnetsSubnet IP Address Range For each subnet Configuring POS SubnetConfiguring the Printer Subnet Retail Use Cases Configuring the Cafe Subnet Retail Use Cases Configuring the WAN Interface Configuring Network Address Translation NAT Retail Use Cases Inspecting the Firewall Configuring the Access PortsSetting Access Port Defaults Switch Port Connected toNaming the POS Access Port Configuring the Printer Access Port Configuring the Cafe Access Port Associating the Access Ports to the WLANs Configuring the Cafe Wlan Configuring the WLANsName Printer Configuring the Printer WlanFor the POS WLAN, she makes the following choices Configuring the POS WlanSetting Subnet Access Retail Use Cases Client IP Address Subnet Mask Gateway Port Testing ConnectionsConfiguring the Clients Wireless Authentication Encryption ChannelField Office Example Plan Configuring the System Settings Entering the Basic System Settings Setting Access Control Field Office Example Configuring the Engineering LAN Configuring the LANField Office Example Field Office Example Configuring the Sales Subnet Configuring the WAN Field Office Example Setting Up Network Address Translation Field Office Example Adoption List Label Confirm Firewall ConfigurationAdopting Access Ports MAC Address LocationField Office Example Configuring the WLANs Security Field Office Example Wlan Field Office Example Field Office Example Field Office Example Access Port Channel Configuring Subnet Access Installing the Access Ports and Testing Appendix A. Sample Configuration File NTP menu Wlan 1 configuration set mode 1 enable Wlan 3 configuration set mode 3 disable Default 802.11 a radio configuration set reg a in/out 149 Access Port configuration LAN Dhcp configuration network Firewall configuration set syn enable Outbound 1-To-Many NAT configuration set outb map s1 Page Index FTP Snmp 802.1x EAP authentication