System Configuration | SMC Networks SMC2555W-AG instruction

System Configuration

Note: To implement WPA on wireless clients requires a WPA-enabled network card driver and 802.1x client software that supports the EAP authentication type that you want to use. Windows XP provides native WPA support, other systems require additional software.

Temporal Key Integrity Protocol (TKIP): WPA specifies TKIP as the data encryption method to replace WEP. TKIP avoids the problems of WEP static keys by dynamically changing data encryption keys. Basically, TKIP starts with a master (temporal) key for each user session and then mathematically generates other keys to encrypt each data packet. TKIP provides further data encryption enhancements by including a message integrity check for each packet and a re-keying mechanism, which periodically changes the master key.

WPA Pre-Shared Key (PSK) Mode: For enterprise deployment, WPA requires a RADIUS authentication server to be configured on the wired network. However, for small office networks that may not have the resources to configure and maintain a RADIUS server, WPA provides a simple operating mode that uses just a pre-shared password for network access. The Pre-Shared Key mode uses a common password for user authentication that is manually entered on the access point and all wireless clients. The PSK mode uses the same TKIP packet encryption and key management as WPA in the enterprise, providing a robust and manageable alternative for small networks.

Mixed WPA and WEP Client Support: WPA enables the access point to indicate its supported encryption and authentication mechanisms to clients using its beacon signal. WPA-compatible clients can likewise respond to indicate their WPA support. This enables the access point to determine which clients are using WPA security and which are using legacy WEP. The access point uses TKIP unicast data encryption keys for WPA clients and WEP unicast keys for WEP clients. The global encryption key for

5-58

Image 116

SMC Networks SMC2555W-AG manual System Configuration

Contents

SMC2555W-AG Page Revision Number R02, F3.0.02 Copyright Trademarks Limited Warranty Limited Warranty FCC Radiation Exposure Statement Wireless 2.4 Ghz and 5 GHz Band StatementsFederal Communication Commission Interference Statement Industry Canada Class B Japan Vcci Class B Australia/New Zealand AS/NZS EC Conformance Declaration Compliances Operation Using 5 GHz Channels in the European Community Declaration of Conformity in Languages of the European Viii Community Safety Compliance Power Cord Safety Cord set must be UL-approved and CSA certified France et Pérou uniquement Xii Xiii Xiv Table of Contents Command Line Interface Xvi Xvii Xviii Glossary Index Table of Contents Chapter Introduction Package Checklist Introduction Hardware Description Hardware DescriptionFront Panel Rear Panel Antennas LED IndicatorsComponent Description Security Slot Ethernet Port Reset ButtonConsole Port Power Connector Features and BenefitsFeatures and Benefits Applications Frequently changing environments System Defaults System Defaults MAC System Defaults Iapp 802.11b/g Introduction Hardware Installation Hardware Installation Attaching the Mounting Bracket Hardware Installation Hardware Installation Network Configuration Network Topologies Network ConfigurationAd Hoc Wireless LAN no AP or Bridge Infrastructure Wireless LAN Network Topologies Infrastructure Wireless LAN for Roaming Wireless PCs Seamless Roaming Network Configuration Initial Setup through the CLI Required Connections Initial Configuration Initial Setup through the CLI Initial Configuration Steps Using the Web-based Management Setup Wizard Using the Web-based Management Setup Wizard Initial Configuration Using the Web-based Management Setup Wizard 802.11g Radio Channel Set the operating radio Using the Web-based Management Setup Wizard Initial Configuration System Configuration Advanced Configuration System Configuration Advanced Configuration System Identification Disabled TCP / IP Settings Advanced Configuration System Configuration SMC-APconfig#interface ethernet Radius Advanced Configuration Authentication fails. Range 1-30 Default SMC-APconfig#radius-server address Authentication Advanced Configuration System Configuration Advanced Configuration Local Allowed Secs Filter Control Number Radius Attribute Value Advanced Configuration Native Vlan AP Management Snmp Advanced Configuration SMC-APconfig#snmp-server host 10.1.19.23 alpha Administration Changing the Password SMC-APconfig#username bob SMC-APconfig#password smcadmin Upgrading Firmware System Configuration Advanced Configuration File Size System Log Enabling System Logging Error Level Description Configuring Sntp System Configuration Show sntp command TAIPEI, Beijing Radio Interface Radio Settings 802.11a Radio Interface Normal Mode Turbo Mode Radio Interface Enter Wireless configuration commands, one per line Enabled Radio Settings 802.11g Radio Interface SMC-APif-wireless g#select-antenna-mode right antenna Ssid Security WEP Wired Equivalent Privacy WEP Radio Interface WEP only WEP over Show interface wireless g command PRE Shared KEY Wi-Fi Protected Access WPA System Configuration Radio Interface System Configuration WPA pre-shared key only WPA over Show interface wireless a or show interface wireless g Command not shown in example Status Information Access Point StatusStatus Information System Configuration Days, 4 hours, 39 minutes Station Status True Event Logs 192.168.1.19 System Configuration Console Connection Using the Command Line InterfaceAccessing the CLI Command Line Interface Telnet Connection Keywords and Arguments Entering CommandsEntering Commands Command Completion Getting Help on CommandsShowing Commands Minimum Abbreviation Partial Keyword Lookup Understanding Command Modes Negating the Effect of CommandsUsing Command History Exec Commands Configuration Commands Command Line Processing Keystroke Function Entering Commands Command Groups Command Description Group Configure General CommandsGeneral Commands End Exit Syntax Command UsagePing Show history ResetSyntax Reset board configuration Console port settings are fixed at the values shown below Show line System Management Commands Command Function Mode System Management Commands System Clock Country Country countrycode SMC-AP#country ie Prompt System nameSyntax Prompt string no prompt Syntax System name name no system name Username Syntax Username name Password Syntax Password password no passwordIp http port Syntax Ip http port port-numberno ip http port Syntax Ip http server no ip http server Default Setting Ip http server Logging host Syntax Logging on no logging on Default SettingLogging on Syntax Logging console no logging console Default Setting Logging console Logging level Level Argument Description Default Setting Command Mode Syntax Show logging Command ModeLogging facility-type Show logging Sntp-server ip Syntax Sntp-server ip 1 2 ip Sntp-server enable Sntp-server date-time This example sets the system clock to 1737 June 19 Sntp-server daylight-saving Syntax Sntp-server timezone hours Sntp-server timezoneShow sntp Show system Show version Snmp-server community Snmp CommandsSnmp Commands Snmp-server contact Syntax Snmp-server contact string no snmp-server contact Snmp-server enable server Snmp-server host No snmp-server host Snmp-server location Syntax Snmp-server location text no snmp-server location Flash/File Commands Show snmp Syntax Bootfile filename Flash/File CommandsBootfile Syntax Copy ftp tftp file copy config ftp tftp Copy Delete Dir File information is shown below Radius Client Radius Client Syntax Radius-server secondary port portnumber Radius-server addressRadius-server port Radius-server key Radius-server retransmitSyntax Radius-server secondary key keystring Syntax Radius-server secondary retransmit numberofretries Radius-server timeout Syntax Radius-server secondary timeout numberofseconds Show radius 802.1x Port Authentication Syntax 802.1x supported required no 802.1x Port Authentication802.1x 802.1x broadcast-key-refresh-rate Syntax 802.1x broadcast-key-refresh-rate rate 802.1x session-key-refresh-rate Syntax 802.1x session-key-refresh-rate rate 802.1x session-timeout Address filter defaultDefault Syntax Address filter default allowed denied Address filter entry Syntax Address filter entry mac-addressallowed denied Address filter delete Syntax Address filter delete mac-address Mac-authentication server Syntax Mac-authentication server local remote Mac-authentication session-timeout Syntax Mac-authentication session-timeout seconds Show authentication Filter local-bridge Filtering CommandsSyntax Filter local-bridge no filter local-bridge Default Filter ap-manage Filtering CommandsSyntax Filter ap-manage no filter ap-manage Default Filter ethernet-type enable Filter ethernet-type protocol Interface Commands Show filters Interface Commands IC-W Transmit-power Dns server Syntax Interface ethernet wireless a gInterface Ip address This example specifies two domain-name servers IP address Netmask Syntax Ip dhcp no ip dhcp Default Setting Ip dhcp Syntax Shutdown no shutdown Default Setting ShutdownShow interface ethernet Syntax Show interface ethernet Radio-mode Syntax Radio-mode b g b+g Select-antenna-mode Syntax Select-antenna-mode diversity right antenna Syntax Ssid-broadcast no ssid-broadcast Default Setting DescriptionSsid-broadcast Syntax Description string no description Speed Syntax Speed speed Channel Syntax Channel channel auto Turbo Syntax Beacon-interval interval SsidBeacon-interval Dtim-period Syntax Dtim-period interval Syntax Fragmentation-length length Default Setting 2346 Command ModeFragmentation-length Rts-threshold Syntax Rts-threshold threshold Syntax Authentication open shared Encryption Key Key index size type value no key index Transmit-key Syntax Transmit-key index Transmit-power Transmit-powersignal-strength Max-association Syntax Max-association count Multicast-cipher Syntax Multicast-cipher AES Tkip WEP Wpa-clients Syntax Wpa-clients required supported Enhanced Data Encryption through Tkip Wpa-mode Syntax Wpa-mode dynamic pre-shared-key Wpa-preshared-key Syntax Wpa-preshared-key type value Wpa-psk-type Syntax Wpa-psk-type type Show interface wireless Syntax Show interface wireless a g Ssid SMC Show station Iapp Iapp CommandsSyntax Iapp no iapp Default Vlan Commands Vlan Commands Vlan Syntax Vlan enable no vlan DefaultCommand Description Native-vlanid Syntax Native-vlanid vlan-id 102 Appendix a Troubleshooting Troubleshooting Troubleshooting Maximum Distance Table Important Notice Appendix B Cables and Pinouts Twisted-Pair Cable Assignments Cables and Pinouts 10/100BASE-TX Pin Assignments Twisted-Pair Cable Assignments Straight-Through WiringCrossover Wiring Wiring Map for Serial Cable Console Port Pin Assignments Console Port Pin Assignments Serial Cable Signal Directions for DB-9 PortsSerial Cable Signal Directions for DB-25 Ports Cables and Pinouts General Specifications Specifications General Specifications Sensitivity Ieee 802.11a Sensitivity GHz dBm Modulation/Rates Transmit Power Specifications Access Point AuthenticationAd Hoc Advanced Encryption Standard AES Glossary Extended Service Set ESS Extensible Authentication Protocol EAPEthernet File Transfer Protocol FTP Inter Access Point Protocol Iapp Ieee 802.11bIeee 802.11g Ieee Power over Ethernet PoE Network Time Protocol NTPOpen System Orthogonal Frequency Division Multiplexing Odfm Service Set Identifier Ssid Session KeyShared Key Simple Network Management Protocol Snmp Wi-Fi Protected Access Trivial File Transfer Protocol TftpVirtual LAN Vlan WPA Pre-shared Key PSK Glossary-8 Index Index Index-3 Index-4 Page For Technical SUPPORT, Call