NETGEAR WNDAP620 - page 93

Management and Monitoring

93

ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620

Known client

associating with

ad-hoc network

•Detection. Clients that should be connected to the secured

wireless network are instead connected to wireless access

points that are part of an ad hoc network.

•Result. Wireless security might be compromised.

•Solution. The clients are disconnected from the ad hoc

network.

0Trap

AP property

changed •Detection. Unauthorized changes such as a change of SSID,

security settings, or channel are made on a known wireless

access point in the network.

•Result. Wireless security is compromised and clients cannot

connect to the wireless access point.

Note: The IDS detects that the properties of a known wireless

access point in the network are changed, but the IPS does not take

action.

The changes that the IDS detects are listed in a table. The affected

wireless access point is identified by its MAC address. To correct

the situation, access the web management interface of the affected

wireless access point, and reverse the changes.

To remove the detected changes from the table:

1. Select the check box to the left of the wireless access point for

which you want to remove the changes from the table.

2. Above the table, click Delete.

0Trap

Device probing for

access points•Detection. Multiple probe requests (30 or more) are sent to

collect information about the wireless access point for possible

future attacks. For example, it is suspect when there are too

many probe requests with a different SSID from same MAC

address.

•Result. An attack might occur, or wireless security might

become compromised.

•Solution. The wireless access point does not respond to probe

requests that do not contain its SSID.

30 Trap

PS poll flood attack •Attack. Multiple power save (PS)–Poll frames (50 or more) are

sent to the wireless access point from an address that has a

spoofed MAC address of a legitimate client.

•Result. Traffic that is intended for the legitimate client is sent to

the attacking address and is lost.

•Solution. PS-Poll frames without a corresponding traffic

indication map (TIM) are rejected.

50 Trap

Table 24. IDS/IPS policies and policy rules (continued)

Policy Description Policy Rule

Threshold Notification

Contents

Main ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620 Support Trademarks Revision History Contents Chapter 1 Introduction Chapter 2 Installation and Basic Configuration Chapter 3 Wireless Configuration and Security Chapter 4 Management and Monitoring Chapter 5 Advanced Configuration Chapter 6 Troubleshooting Appendix A Supplemental Information Appendix B Command-Line Reference Appendix C Notification of Compliance Index About the ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620 What Is in the Box? System Requirements Key Features and Standards Supported Standards and Conventions Key Featur es Page 802.11b/g/n and 802.11a/n StandardsBased Wireless Networking Autosensing Ethernet Connections with Auto Uplink Hardware Description Top Pan el Introduction ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620 Ghz WLAN Off Wireless 802.11b/g/n (2.4 GHz) LAN is not ready, or Figure 1. Table 1. Top panel LEDs Ghz WLAN Off Wireless 802.11n/a (5 GHz) LAN is not ready, or no 123 4 5 Rear Panel Bottom Panel with Product Label Register the Wireless Access Point Page Page What You Need Before You Begin Wireless Equipment Placement and Range Guidelines Ethernet Cabling Requirements LAN Configuration Requirements Hardware Requirements for Computers on Your LAN Operating Frequency (Channel) Guidelines Requirements for Entering IP Addresses IPv4 IPv6 Install and Configure the Wireless Access Point Connect the Wireless Access Point to a Computer A B Log In to the Wireless Access Point Web Management Interface Configure Basic General System Settings and Time Settings Page Configure the IPv4 Settings Figure 13. 2. Configure the IPv4 settings as explained in the following table: Table 4. IPv4 settings Configure the Optional DHCPv4 Server Configure the Basic Wireless Settings Configure 802.11b/bg/ng Wireless Settings Page 5. Specify the remaining wireless settings as explained the following table: Table 6. Basic 2.4 GHz band wireless settings Configure 802.11a/na Wireless Settings Page 5. Specify the remaining wireless settings as explained the following table: Table 7. Basic 5 GHz band wireless settings Test Basic Wireless Connectivity Mount the Wireless Access Point Ceiling Installation Page Page Wall Installation Page Page Page Wireless Data Security Options Page Security Profiles Page Before You Change the SSID, WEP, and WPA Settings Form for 802.11b/bg/ng Modes Form for 802.11a/an Modes Configure and Enable Security Profiles Page Figure 20. Table 9. Profile definition settings Page Table 10. Profile authentication settings (continued) Configure an Open System with WEP or Shared Key with WEP Figure 22. Configure Legacy 802.1X Table 11. WEP encryption settings Configure WPA with RADIUS, WPA2 with RADIUS, and WPA & WPA2 with RADIUS Configure WPA-PSK, WPA2-PSK, and WPA-PSK & WPA2-PSK Configure RADIUS Server Settings Page Table 14. RADIUS server settings for IPv4 and IPv6 (continued) Restrict Wireless Access by MAC Address Schedule the Wireless Radio to Be Turned Off Configure Basic Wireless Quality of Service Page Enable Remote Management SNMP Management Figure 34. 2. Specify the settings as explained in the following table: Table 16. SNMP settings Secure Shell and Telnet Management Upgrade the Wireless Access Point Software Web Browser Upgrade Procedure TFTP Server Upgrade Procedure Manage the Configuration File or Reset to Factory Defaults Save the Configuration Restore the Configuration Restore the Wireless Access Point to the Factory Default Use the Web Management Interface to Restore Factory Default Settings Use the Reset Button to Restore Factory Default Settings Reboot the Wireless Access Point without Restoring the Default Configuration Change the Administrator Password Manage User Accounts Enable the Syslog Server Monitor the Wireless Access Point View System Information Page The following table explains the fields of the System screen: Table 19. System screen fields Monitor Wireless Stations Page The following table explains the fields of the Wireless Stations Details screen: Table 20. Wireless stations details fields View the Activity Log Traffic Statistics Figure 50. Table 21. Statistics fields Enable Rogue AP Detection and Monitor Access Points Enable and Configure Rogue AP Detection Page View and Save Access Point Lists Page Configure Wireless Intrusion Detection and Prevention Configure Wireless Intrusion Detection and Prevention Policy Page Page Page Page Page Configure Wireless Intrusion Detection and Prevention Mail Monitor Traps, Counters, and Ad Hoc Networks Most Recent Attacks Attack Counter Page Figure 58. Table 27. Ad hoc network fields Configure IPv6 Settings and Optional DHCPv6 Server Settings Configure the IPv6 Settings Page Configure the Optional DHCPv6 Server Figure 60. 2. Configure the settings as explained in the following table: Table 29. DHCP server settings for IPv6 Configure Spanning Tree Protocol, 802.1Q VLAN, and Link Layer Discovery Protocol Configure STP and VLANs Page Configure Ethernet LLDP Configure Hotspot Settings Configure Advanced Wireless Settings Figure 64. Table 31. Advanced wireless settings Table 31. Advanced wireless settings (continued) Configure Advanced Quality of Service Settings Figure 65. Table 32. EDCA settings Configure Quality of Service Policies Page Table 33. QoS classification settings Table 33. QoS classification settings (continued) 6. Optional: Specify rate limiting for the classification as explained in the following table: Table 34. Classification rate limiting settings Table 33. QoS classification settings (continued) Page Configure Wireless Bridging Configure a Point-to-Point Wireless Network Page Page Page Configure a Point-to-Multipoint Wireless Network Page g. Specify the settings as explained in the following table: Table 37. Point-to-multipoint bridge profile and authentication settings Page Page Page Figure 75. g. Specify the settings as explained in the following table: Table 38. Wireless signal repeating profile and authentication settings Page Page Page Basic Functioning Verify the Correct Sequence of Events at Startup No LEDs Are Lit on the Wireless Access Point The Active LED or the LAN LED Is Not Lit The WLAN LED Does Not Light Up You Cannot Access the Internet or the LAN from a Wireless-Capable Computer You Cannot Configure the Wireless Access Point from a Browser When You Enter a URL or IP Address a Time-Out Error Occurs Troubleshoot a TCP/IP Network Using the Ping Utility Test the LAN Path to Your Wireless Access Point Test the Path from Your Computer to a Remote Device Problems with Date and Time Use the Packet Capture Tool A A. Supplemental Information Technical Specifications Table 39. Technical specifications Page Table 39. Technical specifications (continued) Factory Default Settings Page Page Page B B. Command-Line Reference Page Page Page Page Page Page Page Page Page Page Page Page Page Page C C. Notification of Compliance NETGEAR Dual Band - Wireless Regulatory Compliance Information Europe - EU Declaration of Conformity EDOC in Languages of the European Community Page FCC Requirements for Operation in the United States FCC Information to User FCC Guidelines for Human Exposure (Radiation Exposure Statement) FCC Declaration of Conformity FCC Radio Frequency Interference Warnings & Instructions Radiation Exposure Statement: Industry Canada IMPORTANT NOTE: Radiation Exposure Statement Caution Industrie Canada Avertissement Detachable Antenna Usage Index Numerics A B C D E F G H I J M N O P Q R S T U V W