ZyXEL Communications B500 Wireless LAN Access Point User Manual P650H 17 ADSL Router User s Guide

ZyXEL Communications Corporation Wireless LAN Access Point P650H 17 ADSL Router User s Guide

UserManual.wiki >

ZyXEL Communications >

B500 User Manual >

Users Manual 2 HTML Version

1. Users Manual 1
2. Users Manual 2

Users Manual 2

SMT Configuration

Part V:

SMT CONFIGURATION

This part contains SMT (System Management Terminal) configuration and background

information for features only configurable by SMT.

See the web configurator parts of this guide for background information on

features configurable by web configurator and SMT.

BETA DRAFT

ZyAIR B-500 Wireless Access Point User’s Guide

Introducing the SMT 10-1

Chapter 10

Introducing the SMT

This chapter describes how to access the SMT and provides an overview of its menus.

10.1 Connect to your ZyAIR Using Telnet

The following procedure details how to telnet into your ZyAIR.

Step 1. In Windows, click Start (usually in the bottom left corner), Run and then type “telnet

192.168.1.2” (the default IP address) and click OK.

Step 2. For your first login, enter the default password “1234”. As you type the password, the screen

displays an asterisk “*” for each character you type.

Figure 10-1 Login Screen

Step 3. After entering the password you will see the main menu.

Please note that if there is no activity for longer than five minutes (default timeout period) after you log in,

your ZyAIR will automatically log you out. You will then have to telnet into the ZyAIR again. You can use

the web configurator or the CI commands to change the inactivity time out period.

10.2 Changing the System Password

Change the ZyAIR default password by following the steps shown next.

Step 1. From the main menu, enter 23 to display Menu 23 – System Security.

Step 2. Enter 1 to display Menu 23.1 – System Security – Change Password as shown next.

Step 3. Type your existing system password in the Old Password field, and press [ENTER].

Password : ****

ZyAIR B-500 Wireless Access Point User’s Guide

10-2 Introducing the SMT

Figure 10-2 Menu 23.1 System Security : Change Password

Step 4. Type your new system password in the New Password field (up to 30 characters), and press

[ENTER].

Step 5. Re-type your new system password in the Retype to confirm field for confirmation and press

[ENTER].

Note that as you type a password, the screen displays an asterisk “*” for each character you type.

10.3 ZyAIR SMT Menu Overview Example

The following figure gives you an example overview of the various SMT menu screens for your ZyAIR.

Menu 23.1 – System Security – Change Password

Old Password= ****

New Password= ?

Retype to confirm= ?

Enter here to CONFIRM or ESC to CANCEL:

ZyAIR B-500 Wireless Access Point User’s Guide

Introducing the SMT 10-3

ZyAIR B-500

Main Menu

Menu 1

General Setup

Menu 3

LAN Setup

Menu 3.5

Wireless LAN

Setup

Menu 3.2

TCP/IP Setup

Menu 3.5.1

WLAN MAC

Address Filter

Menu 3.5.2

Roaming

Configuration

Menu 14

Dial-in User Setup

Menu14.1

Edit Dial-in User

Menu 22

SNMP

Configuration

Menu 23

System Security

Menu 23.1

System Security-

Change Password

Menu 23.2

System Security-

RADIUS Server

Menu 23.4

System Security-

IEEE802.1x

Menu 24

System

Maintenance

Menu 24.1

System Maintenance

- Status

Menu 24.2

System Information and

Console Port Speed

Menu 24.3

System Maintenance

- Log and Trace

Menu 24.5

Backup

Configuration

Menu 24.6

Restore

Configuration

Menu 24.2.2

System Maintenance

- Change Console Port

Speed

Menu 24.3.1

System Maintenance

- View Error Log

Menu 24.7.2

Upload System

Configuration File

Menu 24.2.1

System Maintenance

- Information

Menu 24.7

Upload Firmware

Menu 24.7.1

Upload System

Firmware

Menu 24.8

Command

Interpreter Mode

Menu 24.10

Time and Date

Setting

Menu 24.4

System Maintenance

- Diagnostic

Figure 10-3 ZyAIR B-500 SMT Menu Overview Example

ZyAIR B-500 Wireless Access Point User’s Guide

10-4 Introducing the SMT

10.4 Navigating the SMT Interface

The SMT (System Management Terminal) is the interface that you use to configure your ZyAIR.

Several operations that you should be familiar with before you attempt to modify the configuration are

listed in the table below.

Table 10-1 Main Menu Commands

OPERATION KEYSTROKE DESCRIPTION

Move down to

another menu

[ENTER] To move forward to a submenu, type in the number of the desired

submenu and press [ENTER].

Move up to a

previous menu

[ESC] Press [ESC] to move back to the previous menu.

Move to a “hidden”

Press [SPACE

BAR] to change No

to Yes then press

[ENTER].

Fields beginning with “Edit” lead to hidden menus and have a

default setting of No. Press [SPACE BAR] once to change No to

Yes, then press [ENTER] to go to the “hidden” menu.

Move the cursor [ENTER] or

[UP]/[DOWN] arrow

keys.

Within a menu, press [ENTER] to move to the next field. You can

also use the [UP]/[DOWN] arrow keys to move to the previous

and the next field, respectively.

Entering

information

Type in or press

[SPACE BAR], then

press [ENTER].

You need to fill in two types of fields. The first requires you to type

in the appropriate information. The second allows you to cycle

through the available choices by pressing [SPACE BAR].

Required fields <?> or ChangeMe All fields with the symbol <?> must be filled in order to be able to

save the new configuration.

All fields with ChangeMe must not be left blank in order to be

able to save the new configuration.

N/A fields <N/A> Some of the fields in the SMT will show a <N/A>. This symbol

refers to an option that is Not Applicable.

Save your

configuration

[ENTER] Save your configuration by pressing [ENTER] at the message

“Press ENTER to confirm or ESC to cancel”. Saving the data on

the screen will take you, in most cases to the previous menu.

Exit the SMT Type 99, then press

[ENTER].

Type 99 at the main menu prompt and press [ENTER] to exit the

SMT interface.

After you enter the password, the SMT displays the main menu, as shown next.

ZyAIR B-500 Wireless Access Point User’s Guide

Introducing the SMT 10-5

Figure 10-4 ZyAIR B-500 SMT Main Menu

10.4.1 System Management Terminal Interface Summary

Table 10-2 Main Menu Summary

# MENU TITLE DESCRIPTION

1 General Setup Use this menu to set up your general information.

3 LAN Setup Use this menu to set up your LAN and WLAN connection.

14 Dial-in User Setup Use this menu to set up local user profiles on the ZyAIR.

22 SNMP Configuration Use this menu to set up SNMP related parameters.

23 System Security Use this menu to change your password and enable network user

authentication.

24 System Maintenance This menu provides system status, diagnostics, software upload, etc.

99 Exit Use this to exit from SMT and return to a blank screen.

ZyAIR B-500 Main Menu

Getting Started Advanced Management

1. General Setup 22. SNMP Configuration

3. LAN Setup 23. System Security

24. System Maintenance

Advanced Applications

14. Dial-in User Setup

99. Exit

Enter Menu Selection Number:

ZyAIR B-500 Wireless Access Point User’s Guide

General Setup 11-1

Chapter 11

General Setup

The chapter shows you the information on general setup.

11.1 General Setup

Menu 1 – General Setup contains administrative and system-related information (shown next). The

System Name field is for identification purposes. It is recommended you type your computer's "Computer

name".

The Domain Name entry is what is propagated to the DHCP clients on the LAN. This is not a required

field. Leave this field blank or enter the domain name here if you know it.

11.1.1 Procedure To Configure Menu 1

Step 1. Enter 1 in the Main Menu to open Menu 1 – General Setup as shown next.

Figure 11-1 Menu 1 General Setup

Step 2. Fill in the required fields. Refer to the following table for more information about these fields.

Menu 1 - General Setup

System Name= B-500

Domain Name=

First System DNS Server= From DHCP

IP Address= N/A

Second System DNS Server= None

IP Address= N/A

Third System DNS Server= None

IP Address= N/A

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

11-2 General Setup

Table 11-1 Menu 1 General Setup

FIELD DESCRIPTION EXAMPLE

System Name Choose a descriptive name for identification purposes. This name can

be up to 30 alphanumeric characters long. Spaces are not allowed, but

dashes “-” and underscores "_" are accepted.

B-500

Domain Name This is not a required field. Leave this field blank or enter the domain

name here if you know it.

First/Second/Third

System DNS

Server

Press [SPACE BAR] to select From DHCP, User Defined or None and

press [ENTER].

These fields are not available on all models.

From DHCP

IP Address Enter the IP addresses of the DNS servers. This field is available when

you select User-Defined in the field above.

N/A

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save

your configuration, or press [ESC] at any time to cancel.

ZyAIR B-500 Wireless Access Point User’s Guide

LAN Setup 12-1

Chapter 12

LAN Setup

This chapter shows you how to configure the LAN on your ZyAIR..

12.1 LAN Setup

This section describes how to configure the Ethernet using Menu 3 – LAN Setup. From the main menu,

enter 3 to display menu 3.

Figure 12-1 Menu 3 LAN Setup

12.2 TCP/IP Ethernet Setup

Use menu 3.2 to configure your ZyAIR for TCP/IP.

To edit menu 3.2, enter 3 from the main menu to display Menu 3-LAN Setup. When menu 3 appears, press

2 and press [ENTER] to display Menu 3.2-TCP/IP Setup, as shown next.

Figure 12-2 Menu 3.2 TCP/IP Setup

Follow the instructions in the following table on how to configure the fields in this menu.

Menu 3 - LAN Setup

2. TCP/IP Setup

5. Wireless LAN Setup

Enter Menu Selection Number:

Menu 3.2 - TCP/IP Setup

IP Address Assignment= Static

IP Address= 192.168.1.2

IP Subnet Mask= 255.255.255.0

Gateway IP Address= 0.0.0.0

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

12-2 LAN Setup

Table 12-1 Menu 3.2 TCP/IP Setup

FIELD DESCRIPTION EXAMPLE

IP Address

Assignment

Press [SPACE BAR] and then [ENTER] to select Dynamic to have the

ZyAIR obtain an IP address from a DHCP server. You must know the

IP address assigned to the ZyAIR (by the DHCP server) to access the

ZyAIR again.

Select Static to give the ZyAIR a fixed, unique IP address. Enter a

subnet mask appropriate to your network and the gateway IP address if

applicable.

IP Address Enter the (LAN) IP address of your ZyAIR in dotted decimal notation 192.168.1.2

IP Subnet Mask Your ZyAIR will automatically calculate the subnet mask based on the

IP address that you assign. Unless you are implementing subnetting,

use the subnet mask computed by the ZyAIR.

255.255.255.0

Gateway IP

Address

Type the IP address of the gateway. The gateway is an immediate

neighbor of your ZyAIR that will forward the packet to the destination.

On the LAN, the gateway must be a router on the same network

segment as your ZyAIR.

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save

your configuration, or press [ESC] at any time to cancel.

12.3 Wireless LAN Setup

Use menu 3.5 to set up your ZyAIR as the wireless access point. To edit menu 3.5, enter 3 from the main

menu to display Menu 3 – LAN Setup. When menu 3 appears, press 5 and then press [ENTER] to display

Menu 3.5 – Wireless LAN Setup as shown next.

ZyAIR B-500 Wireless Access Point User’s Guide

LAN Setup 12-3

Figure 12-3 Menu 3.5 Wireless LAN Setup

The following table describes the fields in this menu.

Table 12-2 Menu 3.5 Wireless LAN Setup

FIELD DESCRIPTION EXMAPLE

ESSID The ESSID (Extended Service Set IDentity) identifies the AP the wireless

station is to associate to. Wireless stations associating to the AP must have

the same ESSID. Enter a descriptive name up to 32 printable 7-bit ASCII

characters.

Wireless

Hide ESSID Press [SPACE BAR] and select Yes to hide the ESSID in the outgoing data

frame so an intruder cannot obtain the ESSID through passive scanning.

Channel ID Press [SPACE BAR] to select a channel. This allows you to set the operating

frequency/channel depending on your particular region. CH01

2412MHz

RTS

Threshold Setting this attribute to zero turns on the RTS/CTS handshake. Enter a value

between 0 and 2432.

2432

Frag.

Threshold This is the maximum data fragment size that can be sent. Enter a value

between 256 and 2432. 2432

WEP

Encryption Select Disable to allow wireless stations to communicate with the access

points without any data encryption.

Select 64-bit WEP or 128-bit WEP to enable data encryption.

Disable

Menu 3.5 - Wireless LAN Setup

ESSID= Wireless

Hide ESSID= No

Channel ID= CH06 2437MHz

RTS Threshold= 2432

Frag. Threshold= 2432

WEP Encryption= Disable

Default Key= N/A

Key1= N/A

Key2= N/A

Key3= N/A

Key4= N/A

Authen. Method= N/A

Edit MAC Address Filter= No

Edit Roaming Configuration= No

Block Intra-BSS Traffic= No

Number of Associated Stations= 32

Output Power= 17dBm

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

12-4 LAN Setup

Table 12-2 Menu 3.5 Wireless LAN Setup

FIELD DESCRIPTION EXMAPLE

Default Key Enter the key number (1 to 4) in this field. Only one key can be enabled at

any one time. This key must be the same on the ZyAIR and the wireless

stations to communicate.

Key 1 to Key 4 The WEP keys are used to encrypt data. Both the ZyAIR and the wireless

stations must use the same WEP key for data transmission.

If you chose 64-bit WEP in the WEP Encryption field, then enter any 5

ASCII characters or 10 hexadecimal characters ("0-9", "A-F").

If you chose 128-bit WEP in the WEP Encryption field, then enter 13 ASCII

characters or 26 hexadecimal characters ("0-9", "A-F").

Enter “0x” before the key to denote a hexadecimal key.

Don’t enter “0x” before the key to denote an ASCII key.

0x12345ab

cde

Authen.

Method

Press [SPACE BAR] to select Auto, Open System Only or Shared Key

Only and press [ENTER].

This field is N/A if WEP is not activated.

If WEP encryption is activated, the default setting is Auto.

Auto

Edit MAC

Address Filter

Press [SPACE BAR] to select Yes and press [ENTER] to display menu

3.5.1. See the section on MAC address filter for more information.

Edit Roaming

Configuration

Press [SPACE BAR] to select Yes and press [ENTER] to display menu

3.5.2. See the section on roaming configuration for more information.

Block Intra-

BSS Traffic

Press [SPACE BAR] to select Yes or No and press [ENTER]. No

Number of

Association

Stations

Enter the number of association stations. The number should be from 1 to

32.

Output Power Press [SPACE BAR] to select 11dBm, 14dBm or 17dBm and press

[ENTER].

17dBm

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to

cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.

ZyAIR B-500 Wireless Access Point User’s Guide

LAN Setup 12-5

12.3.1 Configuring MAC Address Filter

Your ZyAIR checks the MAC address of the wireless station device against a list of allowed or denied

MAC addresses. However, intruders could fake allowed MAC addresses so MAC-based authentication is

less secure than EAP authentication.

Follow the steps below to create the MAC address table on your ZyAIR.

Step 1. From the main menu, enter 3 to open Menu 3 – LAN Setup.

Step 2. Enter 5 to display Menu 3.5 – Wireless LAN Setup.

Figure 12-4 Menu 3.5 Wireless LAN Setup

Step 3. In the Edit MAC Address Filter field, press [SPACE BAR] to select Yes and press

[ENTER]. Menu 3.5.1 – WLAN MAC Address Filter displays as shown next.

Menu 3.5 - Wireless LAN Setup

ESSID= Wireless

Hide ESSID= No

Channel ID= CH06 2437MHz

RTS Threshold= 2432

Frag. Threshold= 2432

WEP Encryption= Disable

Default Key= N/A

Key1= N/A

Key2= N/A

Key3= N/A

Key4= N/A

Authen. Method= N/A

Edit MAC Address Filter= Yes

Edit Roaming Configuration= No

Block Intra-BSS Traffic= No

Number of Associated Stations= 32

Output Power= 17dBm

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

12-6 LAN Setup

Figure 12-5 Menu 3.5.1 WLAN MAC Address Filter

The following table describes the fields in this menu.

Table 12-3 Menu 3.5.1 WLAN MAC Address Filter

FIELD DESCRIPTION

Active To enable MAC address filtering, press [SPACE BAR] to select Yes and press [ENTER].

Filter Action Define the filter action for the list of MAC addresses in the MAC address filter table.

To deny access to the ZyAIR, press [SPACE BAR] to select Deny Association and press

[ENTER]. MAC addresses not listed will be allowed to access the ZyAIR.

The default action, Allowed Association, permits association with the ZyAIR. MAC

addresses not listed will be denied access to the ZyAIR.

MAC Address Filter

1..32 Enter the MAC addresses (in XX:XX:XX:XX:XX:XX format) of the client computers that are

allowed or denied access to the ZyAIR in these address fields.

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to

cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.

Menu 3.5.1 - WLAN MAC Address Filter

Active= No

Filter Action= Allowed Association

------------------------------------------------------------------------------

1= 00:00:00:00:00:00 13= 00:00:00:00:00:00 25= 00:00:00:00:00:00

2= 00:00:00:00:00:00 14= 00:00:00:00:00:00 26= 00:00:00:00:00:00

3= 00:00:00:00:00:00 15= 00:00:00:00:00:00 27= 00:00:00:00:00:00

4= 00:00:00:00:00:00 16= 00:00:00:00:00:00 28= 00:00:00:00:00:00

5= 00:00:00:00:00:00 17= 00:00:00:00:00:00 29= 00:00:00:00:00:00

6= 00:00:00:00:00:00 18= 00:00:00:00:00:00 30= 00:00:00:00:00:00

7= 00:00:00:00:00:00 19= 00:00:00:00:00:00 31= 00:00:00:00:00:00

8= 00:00:00:00:00:00 20= 00:00:00:00:00:00 32= 00:00:00:00:00:00

9= 00:00:00:00:00:00 21= 00:00:00:00:00:00

10= 00:00:00:00:00:00 22= 00:00:00:00:00:00

11= 00:00:00:00:00:00 23= 00:00:00:00:00:00

12= 00:00:00:00:00:00 24= 00:00:00:00:00:00

------------------------------------------------------------------------------

Enter here to CONFIRM or ESC to CANCEL:

ZyAIR B-500 Wireless Access Point User’s Guide

LAN Setup 12-7

12.3.2 Configuring Roaming

Enable the roaming feature if you have two or more ZyAIRs on the same subnet. Follow the steps below to

allow roaming on your ZyAIR.

Step 1. From the main menu, enter 3 to display Menu 3 – LAN Setup.

Step 2. Enter 5 to display Menu 3.5 – Wireless LAN Setup.

Figure 12-6 Menu 3.5 Wireless LAN Setup

Step 3. Move the cursor to the Edit Roaming Configuration field. Press [SPACE BAR] to select Yes

and then press [ENTER]. Menu 3.5.2 – Roaming Configuration displays as shown next.

Figure 12-7 Menu 3.5.2 Roaming Configuration

The following table describes the fields in this menu.

Menu 3.5.2 - Roaming Configuration

Active= Yes

Port #= 16290

Press ENTER to Confirm or ESC to Cancel:

Menu 3.5 - Wireless LAN Setup

ESSID= Wireless

Hide ESSID= No

Channel ID= CH06 2437MHz

RTS Threshold= 2432

Frag. Threshold= 2432

WEP Encryption= Disable

Default Key= N/A

Key1= N/A

Key2= N/A

Key3= N/A

Key4= N/A

Authen. Method= N/A

Edit MAC Address Filter= No

Edit Roaming Configuration= Yes

Block Intra-BSS Traffic= No

Number of Associated Stations= 32

Output Power= 17dBm

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

12-8 LAN Setup

Table 12-4 Menu 3.5.2 Roaming Configuration

FIELD DESCRIPTION

Active Press [SPACE BAR] and then [ENTER] to select Yes to enable roaming on the ZyAIR if you

have two or more ZyAIRs on the same subnet.

Port # Type the port number to communicate roaming information between access points. The port

number must be the same on all access points. The default is 16290. Make sure this port is

not used by other services.

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to

cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.

ZyAIR B-500 Wireless Access Point User’s Guide

Dial-in User Setup 13-1

Chapter 13

Dial-in User Setup

This chapter shows you how to create user accounts on the ZyAIR.

13.1 Dial-in User Setup

By storing user profiles locally, your ZyAIR is able to authenticate wireless users without interacting with a

network RADIUS server.

Follow the steps below to set up user profiles on your ZyAIR.

Step 1. From the main menu, enter 14 to display Menu 14 - Dial-in User Setup.

Figure 13-1 Menu 14- Dial-in User Setup

Step 2. Type a number and press [ENTER] to edit the user profile.

Figure 13-2 Menu 14.1- Edit Dial-in User

The following table describes the fields in this screen.

Menu 14 - Dial-in User Setup

1. ________ 9. ________ 17. ________ 25. ________

2. ________ 10. ________ 18. ________ 26. ________

3. ________ 11. ________ 19. ________ 27. ________

4. ________ 12. ________ 20. ________ 28. ________

5. ________ 13. ________ 21. ________ 29. ________

6. ________ 14. ________ 22. ________ 30. ________

7. ________ 15. ________ 23. ________ 31. ________

8. ________ 16. ________ 24. ________ 32. ________

Enter Menu Selection Number:

Menu 14.1 - Edit Dial-in User

User Name= test

Active= Yes

Password= ********

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

13-2 Dial-in User Setup

Table 13-1 Menu 14.1- Edit Dial-in User

FIELD DESCRIPTION

User Name Enter a username up to 31 alphanumeric characters long for this user profile.

This field is case sensitive.

Active Press [SPACE BAR] to select Yes and press [ENTER] to enable the user profile.

Password Enter a password up to 31 characters long for this user profile.

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to

cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.

ZyAIR B-500 Wireless Access Point User’s Guide

SNMP Configuration 14-1

Chapter 14

SNMP Configuration

This chapter explains SNMP Configuration menu 22.

14.1 About SNMP

Simple Network Management Protocol is a protocol used for exchanging management information between

network devices. SNMP is a member of the TCP/IP protocol suite. Your ZyAIR supports SNMP agent

functionality, which allows a manager station to manage and monitor the ZyAIR through the network. The

ZyAIR supports SNMP version one (SNMPv1) and version two c (SNMPv2c). The next figure illustrates

an SNMP management operation. SNMP is only available if TCP/IP is configured.

Figure 14-1 SNMP Management Model

An SNMP managed network consists of two main components: agents and a manager.

ZyAIR B-500 Wireless Access Point User’s Guide

14-2 SNMP Configuration

An agent is a management software module that resides in a managed device (the ZyAIR). An agent

translates the local management information from the managed device into a form compatible with SNMP.

The manager is the console through which network administrators perform network management functions.

It executes applications that control and monitor managed devices.

The managed devices contain object variables/managed objects that define each piece of information to be

collected about a device. Examples of variables include the number of packets received, node port status

etc. A Management Information Base (MIB) is a collection of managed objects. SNMP allows a manager

and agents to communicate for the purpose of accessing these objects.

SNMP itself is a simple request/response protocol based on the manager/agent model. The manager issues a

request and the agent returns responses using the following protocol operations:

• Get - Allows the manager to retrieve an object variable from the agent.

• GetNext - Allows the manager to retrieve the next object variable from a table or list within an agent.

In SNMPv1, when a manager wants to retrieve all elements of a table from an agent, it initiates a Get

operation, followed by a series of GetNext operations.

• Set - Allows the manager to set values for object variables within an agent.

• Trap - Used by the agent to inform the manager of some events.

14.2 Supported MIBs

The ZyAIR supports RFC-1215 and MIB II as defined in RFC-1213. The focus of the MIBs is to let

administrators collect statistic data and monitor status and performance.

14.3 SNMP Configuration

To configure SNMP, select option 22 from the main menu to open Menu 22 – SNMP Configuration as

shown next. The “community” for Get, Set and Trap fields is SNMP terminology for password.

ZyAIR B-500 Wireless Access Point User’s Guide

SNMP Configuration 14-3

Figure 14-2 Menu 22 SNMP Configuration

The following table describes the SNMP configuration parameters.

Table 14-1 Menu 22 SNMP Configuration

FIELD DESCRIPTION EXAMPLE

SNMP:

Get Community Type the Get Community, which is the password for the incoming

Get- and GetNext requests from the management station.

public

Set Community Type the Set Community, which is the password for incoming Set

requests from the management station.

public

Trusted Host If you enter a trusted host, your ZyAIR will only respond to SNMP

messages from this address. A blank (default) field means your

ZyAIR will respond to all SNMP messages it receives, regardless

of source.

0.0.0.0

Trap:

Community Type the trap community, which is the password sent with each

trap to the SNMP manager.

public

Destination Type the IP address of the station to send your SNMP traps to. 0.0.0.0

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to

cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.

14.4 SNMP Traps

The ZyAIR will send traps to the SNMP manager when any one of the following events occurs:

Menu 22 - SNMP Configuration

SNMP:

Get Community= public

Set Community= public

Trusted Host= 0.0.0.0

Trap:

Community= public

Destination= 0.0.0.0

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

14-4 SNMP Configuration

Table 14-2 SNMP Traps

TRAP # TRAP NAME DESCRIPTION

1 coldStart (defined in RFC-1215) A trap is sent after booting (power on).

2 warmStart (defined in RFC-1215) A trap is sent after booting (software reboot).

3 linkUp (defined in RFC-1215) A trap is sent when the port is up.

4 authenticationFailure (defined in

RFC-1215)

A trap is sent to the manager when receiving any SNMP

get or set requirements with wrong community

(password).

6 linkDown (defined in RFC-1215) A trap is sent when the port is down.

The following table maps the physical port and encapsulation to the interface type.

Table 14-3 Ports and Interface Types

PHYSICAL PORT/ENCAP INTERFACE TYPE

LAN port(s) enet0

Wireless port enet1

PPPoE encap pppoe

1483 encap mpoa

Ethernet encap enet-encap

PPPoA ppp

ZyAIR B-500 Wireless Access Point User’s Guide

System Security 15-1

Chapter 15

System Security

This chapter describes how to configure the system security on the ZyAIR.

15.1 System Security

You can configure the system password, an external RADIUS server and 802.1x in this menu.

15.1.1 System Password

Figure 15-1 Menu 23 System Security

You should change the default password. If you forget your password you have to restore the default

configuration file. Refer to the section on changing the system password in the Introducing the SMT chapter

and the section on resetting the ZyAIR in the Introducing the Web Configurator chapter.

15.1.2 Configuring External RADIUS Server

Enter 23 in the main menu to display Menu 23 – System Security.

Figure 15-2 Menu 23 System Security

From Menu 23- System Security, enter 2 to display Menu 23.2 – System Security – RADIUS Server as

shown next.

Menu 23 - System Security

1. Change Password

2. RADIUS Server

4. IEEE802.1x

Menu 23 - System Security

1. Change Password

2. RADIUS Server

4. IEEE802.1x

ZyAIR B-500 Wireless Access Point User’s Guide

15-2 System Security

Figure 15-3 Menu 23.2 System Security : RADIUS Server

The following table describes the fields in this menu.

Table 15-1 Menu 23.2 System Security : RADIUS Server

FIELD DESCRIPTION EXAMPLE

Authentication Server

Active Press [SPACE BAR] to select Yes and press [ENTER] to enable

user authentication through an external authentication server.

Server Address Enter the IP address of the external authentication server in

dotted decimal notation.

10.11.12.13

Port The default port of the RADIUS server for authentication is 1812.

You need not change this value unless your network

administrator instructs you to do so with additional information.

1812

Shared Secret Specify a password (up to 31 alphanumeric characters) as the

key to be shared between the external authentication server and

the access points.

The key is not sent over the network. This key must be the same

on the external authentication server and ZyAIR.

Accounting Server

Active Press [SPACE BAR] to select Yes and press [ENTER] to enable

user authentication through an external accounting server.

Server Address Enter the IP address of the external accounting server in dotted

decimal notation.

10.11.12.13

Menu 23.2 - System Security - RADIUS Server

Authentication Server:

Active= No

Server Address= 10.11.12.13

Port #= 1812

Shared Secret= ?

Accounting Server:

Active= No

Server Address= 10.11.12.13

Port #= 1813

Shared Secret= ?

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

System Security 15-3

Table 15-1 Menu 23.2 System Security : RADIUS Server

FIELD DESCRIPTION EXAMPLE

Port The default port of the RADIUS server for accounting is 1813.

You need not change this value unless your network

administrator instructs you to do so with additional information.

1813

Shared Secret Specify a password (up to 31 alphanumeric characters) as the

key to be shared between the external accounting server and the

access points.

The key is not sent over the network. This key must be the same

on the external accounting server and ZyAIR.

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to

cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.

15.1.3 802.1x

The IEEE 802.1x standards outline enhanced security methods for both the authentication of wireless

stations and encryption key management.

Follow the steps below to enable EAP authentication on your ZyAIR.

Step 1. From the main menu, enter 23 to display Menu23 – System Security.

Figure 15-4 Menu 23 System Security

Step 2. Enter 4 to display Menu 23.4 – System Security – IEEE802.1x.

Menu 23 - System Security

1. Change Password

2. RADIUS Server

4. IEEE802.1X

ZyAIR B-500 Wireless Access Point User’s Guide

15-4 System Security

Figure 15-5 Menu 23.4 System Security : IEEE802.1x

The following table describes the fields in this menu.

Table 15-2 Menu 23.4 System Security : IEEE802.1x

FIELD DESCRIPTION

Wireless Port

Control

Press [SPACE BAR] and select a security mode for the wireless LAN access.

Select No Authentication Required to allow any wireless stations access to your

wired network without entering usernames and passwords. This is the default setting.

Selecting Authentication Required means wireless stations have to enter usernames

and passwords before access to the wired network is allowed.

Select No Access Allowed to block all wireless stations access to the wired network.

ReAuthentica-

tion Timer

(in seconds)

Specify how often a wireless station has to re-enter username and password to stay

connected to the wired network.

This field is activated only when you select Authentication Required in the Wireless

Port Control field. Enter a time interval between 10 and 9999 (in seconds). The default

time interval is 1800 seconds (or 30 minutes).

Idle Timeout The ZyAIR automatically disconnects a wireless station from the wired network after a

period of inactivity. The wireless station needs to enter the username and password

again before access to the wired network is allowed.

This field is activated only when you select Authentication Required in the Wireless

Port Control field. The default time interval is 3600 seconds (or 1 hour).

Menu 23.4 - System Security - IEEE802.1X

Wireless Port Control= Authentication Required

ReAuthentication Timer (in second)= 1800

Idle Timeout (in second)= 3600

Authentication Databases= Local User Database Only

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

System Security 15-5

Table 15-2 Menu 23.4 System Security : IEEE802.1x

FIELD DESCRIPTION

Authentication

Databases

This field is activated only when you select Authentication Required in the Wireless

Port Control field.

The authentication database contains wireless station login information. The local user

database is the built-in database on the ZyAIR. The RADIUS is an external server. Use

this field to decide which database the ZyAIR should use (first) to authenticate a

wireless station.

Before you specify the priority, make sure you have set up the corresponding database

correctly first.

Select Local User Database Only to have the ZyAIR just check the built-in user

database on the ZyAIR for a wireless station's username and password.

Select RADIUS Only to have the ZyAIR just check the user database on the specified

RADIUS server for a wireless station's username and password.

Select Local first, then RADIUS to have the ZyAIR first check the user database on

the ZyAIR for a wireless station's username and password. If the user name is not

found, the ZyAIR then checks the user database on the specified RADIUS server.

Select RADIUS first, then Local to have the ZyAIR first check the user database on

the specified RADIUS server for a wireless station's username and password. If the

ZyAIR cannot reach the RADIUS server, the ZyAIR then checks the local user

database on the ZyAIR. When the user name is not found or password does not match

in the RADIUS server, the ZyAIR will not check the local user database and the

authentication fails.

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to

cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.

Once you enable user authentication, you need to specify an external RADIUS

server or create local user accounts on the ZyAIR for authentication.

ZyAIR B-500 Wireless Access Point User’s Guide

System Information and Diagnosis 16-1

Chapter 16

System Information and Diagnosis

This chapter covers the information and diagnostic tools in SMT menus 24.1 to 24.4.

16.1 Overview

These tools include updates on system status, port status, log and trace capabilities and upgrades for the

system software. This chapter describes how to use these tools in detail.

Type 24 in the main menu and press [ENTER] to open Menu 24 – System Maintenance, as shown in the

following figure.

Figure 16-1 Menu 24 System Maintenance

16.2 System Status

The first selection, System Status gives you information on the status and statistics of the ports, as shown

next. System Status is a tool that can be used to monitor your ZyAIR. Specifically, it gives you information

on your Ethernet and Wireless LAN status, number of packets sent and received.

To get to System Status, type 24 to go to Menu 24 – System Maintenance. From this menu, type 1.

System Status. There are two commands in Menu 24.1 – System Maintenance – Status. Entering 9 resets

the counters; pressing [ESC] takes you back to the previous screen.

Menu 24 – System Maintenance

1. System Status

2. System Information and Console Port Speed

3. Log and Trace

4. Diagnostic

5. Backup Configuration

6. Restore Configuration

7. Upload Firmware

8. Command Interpreter Mode

10. Time and Date Setting

Enter Menu Selection Number:

ZyAIR B-500 Wireless Access Point User’s Guide

16-2 System Information and Diagnosis

The following table describes the fields present in Menu 24.1 – System Maintenance – Status which are

read-only and meant for diagnostic purposes.

Figure 16-2 Menu 24.1 System Maintenance : Status

The following table describes the fields present in this menu.

Table 16-1 Menu 24.1 System Maintenance : Status

FIELD DESCRIPTION

Port This is the port type. Port types are: Ethernet and Wireless

Status This shows the status of the remote node.

TxPkts This is the number of transmitted packets to this remote node.

RxPkts This is the number of received packets from this remote node.

Cols This is the number of collisions on this connection.

Tx B/s This shows the transmission rate in bytes per second.

Rx B/s This shows the receiving rate in bytes per second.

Up Time This is the time this channel has been connected to the current remote node.

Ethernet Address This shows the MAC address of the port.

IP Address This shows the IP address of the network device connected to the port.

IP Mask This shows the subnet mask of the network device connected to the port.

DHCP This shows the DHCP setting (None or Client) for the port.

Menu 24.1 - System Maintenance - Status 00:01:51

Sat. Jan. 01, 2000

Port Status TxPkts RxPkts Cols Tx B/s Rx B/s Up Time

Ethernet 100M/Full 38 128 0 268 128 0:01:42

Wireless 16.5M 70 0 0 0 0 0:01:42

Port Ethernet Address IP Address IP Mask DHCP

Ethernet 00:A0:C5:00:00:04 192.168.1.2 255.255.255.0 None

Wireless 00:A0:C5:00:00:04

System up Time: 0:01:55

Press Command:

COMMANDS: 9-Reset Counters ESC-Exit

ZyAIR B-500 Wireless Access Point User’s Guide

System Information and Diagnosis 16-3

Table 16-1 Menu 24.1 System Maintenance : Status

FIELD DESCRIPTION

System Up Time This is the time the ZyAIR is up and running from the last reboot.

16.3 System Information

To get to the System Information:

Step 1. Enter 24 to display Menu 24 – System Maintenance.

Step 2. Enter 2 to display Menu 24.2 – System Information and Console Port Speed.

Step 3. From this menu you have two choices as shown in the next figure:

Figure 16-3 Menu 24.2 System Information and Console Port Speed

The ZyAIR has an internal console port for support personnel only. Do not open

the ZyAIR as it will void your warranty.

16.3.1 System Information

Enter 1 in menu 24.2 to display the screen shown next.

Figure 16-4 Menu 24.2.1 System Information : Information

Menu 24.2 - System Information and Console Port Speed

1. System Information

2. Console Port Speed

Please enter selection:

Menu 24.2.1 - System Maintenance - Information

Name: B-500

Routing: BRIDGE

ZyNOS F/W Version: V3.50(HL.0)b1 | 09/19/2003

Country Code: 255

LAN

Ethernet Address: 00:A0:C5:00:00:04

IP Address: 192.168.1.2

IP Mask: 255.255.255.0

DHCP: None

Press ESC or RETURN to Exit:

ZyAIR B-500 Wireless Access Point User’s Guide

16-4 System Information and Diagnosis

The following table describes the fields in this menu.

Table 16-2 Menu 24.2.1 System Maintenance : Information

FIELD DESCRIPTION

Name Displays the system name of your ZyAIR. This information can be changed in

Menu 1 – General Setup.

Routing Refers to the routing protocol used.

ZyNOS F/W

Version

Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version.

ZyNOS is a registered trademark of ZyXEL Communications Corporation.

Country Code Refers to the country code of the firmware.

LAN

Ethernet Address Refers to the Ethernet MAC (Media Access Control) of your ZyAIR.

IP Address This is the IP address of the ZyAIR in dotted decimal notation.

IP Mask This shows the subnet mask of the ZyAIR.

DHCP This field shows the DHCP setting of the ZyAIR.

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to

cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.

16.3.2 Console Port Speed

You can set up different port speeds for the console port through Menu 24.2.2 – System Maintenance –

Console Port Speed. Your ZyAIR supports 9600 (default), 19200, 38400, 57600 and 115200 bps console

port speeds. Press [SPACE BAR] and then [ENTER] to select the desired speed in menu 24.2.2, as shown

in the following figure.

Figure 16-5 Menu 24.2.2 System Maintenance : Change Console Port Speed

After you changed the console port speed on your ZyAIR, you must also make the same change to the

console port speed parameter of your communication software.

Menu 24.2.2 – System Maintenance – Change Console Port Speed

Console Port Speed: 9600

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

System Information and Diagnosis 16-5

16.4 Log and Trace

Your ZyAIR provides the error logs and trace records that are stored locally.

16.4.1 Viewing Error Log

The first place you should look for clues when something goes wrong is the error log. Follow the

procedures to view the local error/trace log:

Step 1. Type 24 in the main menu to display Menu 24 – System Maintenance.

Step 2. From menu 24, type 3 to display Menu 24.3 – System Maintenance – Log and Trace.

Figure 16-6 Menu 24.3 System Maintenance : Log and Trace

Step 3. Enter 1 from Menu 24.3 – System Maintenance – Log and Trace and press [ENTER] twice to

display the error log in the system.

After the ZyAIR finishes displaying the error log, you will have the option to clear it. Samples of typical

error and information messages are presented in the next figure.

Figure 16-7 Sample Error and Information Messages

16.5 Diagnostic

The diagnostic facility allows you to test the different aspects of your ZyAIR to determine if it is working

properly. Menu 24.4 allows you to choose among various types of diagnostic tests to evaluate your system,

as shown in the following figure.

Menu 24.3 - System Maintenance - Log and Trace

1. View Error Log

Please enter selection:

13 Sat Jan 1 00:00:00 2000 PP0d INFO LAN promiscuous mode <1>

14 Sat Jan 1 00:00:00 2000 PINI INFO Last errorlog repeat 1 Times

15 Sat Jan 1 00:00:00 2000 PINI INFO main: init completed

16 Sat Jan 1 00:00:02 2000 PP05 -WARN SNMP TRAP 3: link up

17 Sat Jan 1 00:00:02 2000 PP13 INFO sending request to NTP server(6)

20 Sat Jan 1 00:00:30 2000 PSSV -WARN SNMP TRAP 0: cold start

Clear Error Log (y/n):

ZyAIR B-500 Wireless Access Point User’s Guide

16-6 System Information and Diagnosis

Figure 16-8 Menu 24.4 System Maintenance : Diagnostic

Follow the procedure next to get to display this menu:

Step 1. From the main menu, type 24 to open Menu 24 – System Maintenance.

Step 2. From this menu, type 4. Diagnostic to open Menu 24.4 – System Maintenance – Diagnostic.

The following table describes the diagnostic tests available in menu 24.4 for your ZyAIR and the

connections.

Table 16-3 Menu 24.4 System Maintenance Menu : Diagnostic

FIELD DESCRIPTION

Ping Host Ping the host to see if the links and TCP/IP protocol on both systems are working.

DHCP Release Release the IP address assigned by the DHCP server.

DHCP Renewal Get a new IP address from the DHCP server.

Reboot System Reboot the ZyAIR.

Host IP Address If you typed 1 to Ping Host, now type the address of the computer you want to ping.

Menu 24.4 - System Maintenance – Diagnostic

TCP/IP

1. Ping Host

2. DHCP Release

3. DHCP Renewal

System

11. Reboot System

Enter Menu Selection Number:

Host IP Address= N/A

ZyAIR B-500 Wireless Access Point User’s Guide

Firmware and Configuraiton File Maintenance 17-1

Chapter 17

Firmware and Configuration File

Maintenance

This chapter tells you how to backup and restore your configuration file as well as upload new

firmware and configuration files using the SMT screens.

17.1 Filename Conventions

The configuration file (often called the romfile or rom-0) contains the factory default settings in the menus

such as password and TCP/IP Setup, etc. It arrives from ZyXEL with a rom filename extension. Once you

have customized the ZyAIR's settings, they can be saved back to your computer under a filename of your

choosing.

ZyNOS (ZyXEL Network Operating System sometimes referred to as the “ras” file) is the system firmware

and has a “bin” filename extension. With many FTP and TFTP clients, the filenames are similar to those

seen next.

ftp> put firmware.bin ras

This is a sample FTP session showing the transfer of the computer file " firmware.bin" to the ZyAIR.

ftp> get rom-0 config.cfg

This is a sample FTP session saving the current configuration to the computer file config.cfg.

If your [T]FTP client does not allow you to have a destination filename different than the source, you will

need to rename them as the ZyAIR only recognizes “rom-0” and “ras”. Be sure you keep unaltered copies

of both files for later use.

The following table is a summary. Please note that the internal filename refers to the filename on the

ZyAIR and the external filename refers to the filename not on the ZyAIR, that is, on your computer, local

network or FTP site and so the name (but not the extension) will vary. After uploading new firmware see

the ZyNOS F/W Version field in Menu 24.2.1 – System Maintenance – Information to confirm that you

have uploaded the correct firmware version.

ZyAIR B-500 Wireless Access Point User’s Guide

17-2 Firmware and Configuraiton File Maintenance

Table 17-1 Filename Conventions

FILE TYPE INTERNAL

NAME

EXTERNAL

NAME

DESCRIPTION

Configuration File Rom-0 *.rom This is the configuration filename on the ZyAIR.

Uploading the rom-0 file replaces the entire ROM file

system, including your ZyAIR configurations,

system-related data (including the default

password), the error log and the trace log.

Firmware Ras *.bin This is the generic name for the ZyNOS firmware on

the ZyAIR.

17.2 Backup Configuration

Option 5 from Menu 24 – System Maintenance allows you to backup the current ZyAIR configuration to

your computer. Backup is highly recommended once your ZyAIR is functioning properly. FTP is the

preferred method, although TFTP can also be used.

Please note that the terms “download” and “upload” are relative to the computer. Download means to

transfer from the ZyAIR to the computer, while upload means from your computer to the ZyAIR.

17.2.1 Backup Configuration Using FTP

Enter 5 in Menu 24 – System Maintenance to get the following screen.

Figure 17-1 Menu 24.5 Backup Configuration

Menu 24.5 – Backup Configuration

To transfer the configuration file to your workstation, follow the

procedure below:

1. Launch the FTP client on your workstation.

2. Type "open" and the IP address of your router. Then type "root" and

SMT password as requested.

3. Locate the ‘rom-0’ file.

4. Type ‘get rom-0’ to back up the current router configuration to your

workstation.

For details on FTP commands, please consult the documentation of your FTP

client program. For details on backup using TFTP (note that you must

remain in the menu to back up using TFTP), please see your router manual.

Press ENTER to Exit:

ZyAIR B-500 Wireless Access Point User’s Guide

Firmware and Configuraiton File Maintenance 17-3

17.2.2 Using the FTP command from the DOS Prompt

Step 1. Launch the FTP client on your computer.

Step 2. Enter “open” and the IP address of your ZyAIR.

Step 3. Press [ENTER] when prompted for a username.

Step 4. Enter “root” and your SMT password as requested. The default is 1234.

Step 5. Enter “bin” to set transfer mode to binary.

Step 6. Use “get” to transfer files from the ZyAIR to the computer, for example, “get rom-0 config.rom”

transfers the configuration file on the ZyAIR to your computer and renames it “config.rom”. See

earlier in this chapter for more information on filename conventions.

Step 7. Enter “quit” to exit the FTP prompt.

Figure 17-2 FTP Session Example

The following table describes some of the commands that you may see in third party FTP clients.

Table 17-2 General Commands for Third Party FTP Clients

COMMAND DESCRIPTION

Host Address Enter the address of the host server.

This is when a user I.D. and password is automatically supplied to the server for

anonymous access. Anonymous logins will work only if your ISP or service

administrator has enabled this option.

Normal.

The server requires a unique User ID and Password to login.

Transfer Type Transfer files in either ASCII (plain text format) or in binary mode.

331 Enter PASS command

Password:

230 Logged in

ftp> bin

200 Type I OK

ftp> get rom-0 zyxel.rom

200 Port command okay

150 Opening data connection for STOR ras

226 File received OK

ftp: 327680 bytes sent in 1.10Seconds 297.89Kbytes/sec.

ftp> quit

ZyAIR B-500 Wireless Access Point User’s Guide

17-4 Firmware and Configuraiton File Maintenance

Table 17-2 General Commands for Third Party FTP Clients

COMMAND DESCRIPTION

Initial Remote

Directory

Specify the default local directory (path).

17.2.3 Backup Configuration Using TFTP

The ZyAIR supports the up/downloading of the firmware and the configuration file using TFTP (Trivial

File Transfer Protocol) over LAN. Although TFTP should work over WAN as well, it is not recommended.

To use TFTP, your computer must have both telnet and TFTP clients. To backup the configuration file,

follow the procedure shown next:

Step 1. Use telnet from your computer to connect to the ZyAIR and log in. Because TFTP does not

have any security checks, the ZyAIR records the IP address of the telnet client and accepts

TFTP requests only from this address.

Step 2. Put the SMT in command interpreter (CI) mode by entering 8 in Menu 24 – System

Maintenance.

Step 3. Enter command “sys stdio 0” to disable the SMT timeout, so the TFTP transfer will not be

interrupted. Enter command “sys stdio 5” to restore the five-minute SMT timeout (default)

when the file transfer is complete.

Step 4. Launch the TFTP client on your computer and connect to the ZyAIR. Set the transfer mode to

binary before starting data transfer.

Step 5. Use the TFTP client (see the example below) to transfer files between the ZyAIR and the

computer. The file name for the configuration file is rom-0 (rom-zero, not capital o).

Note that the telnet connection must be active and the SMT in CI mode before and during the TFTP

transfer. For details on TFTP commands (see following example), please consult the documentation of your

TFTP client program. For UNIX, use “get” to transfer from the ZyAIR to the computer and “binary” to set

binary transfer mode.

17.2.4 Example: TFTP Command

The following is an example TFTP command:

TFTP [-i] host get rom-0 config.rom

ZyAIR B-500 Wireless Access Point User’s Guide

Firmware and Configuraiton File Maintenance 17-5

where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the

ZyAIR IP address, “get” transfers the file source on the ZyAIR (rom-0 name of the configuration file on

the ZyAIR) to the file destination on the computer and renames it config.rom.

The following table describes some of the fields that you may see in third party TFTP clients.

Table 17-3 General Commands for Third Party TFTP Clients

COMMAND DESCRIPTION

Host Enter the IP address of the ZyAIR. 192.168.1.2 is the ZyAIR’s default IP

address when shipped.

Send/Fetch Use “Send” to upload the file to the ZyAIR and “Fetch” to back up the file on

your computer.

Local File Enter the path and name of the firmware file (*.bin extension) or configuration

file (*.rom extension) on your computer.

Remote File This is the filename on the ZyAIR. The filename for the firmware is “ras” and for

the configuration file, is “rom-0”.

Binary Transfer the file in binary mode.

Abort Stop transfer of the file.

17.3 Restore Configuration

Menu 24.6 –- System Maintenance – Restore Configuration allows you to restore the configuration via

FTP or TFTP to your ZyAIR. The preferred method is FTP. Note that this function erases the current

configuration before restoring the previous backup configuration; please do not attempt to restore unless

you have a backup configuration stored on disk. To restore configuration using FTP or TFTP is the same as

uploading the configuration file, please refer to the following sections on FTP and TFTP file transfer for

more details. The ZyAIR restarts automatically after the file transfer is complete.

ZyAIR B-500 Wireless Access Point User’s Guide

17-6 Firmware and Configuraiton File Maintenance

Figure 17-3 Menu 24.6 Restore Configuration

17.4 Uploading Firmware and Configuration Files

Menu 24.7 – System Maintenance – Upload Firmware allows you to upgrade the firmware and the

configuration file.

WARNING!

PLEASE WAIT A FEW MINUTES FOR THE ZYAIR TO RESTART AFTER FIRMWARE

OR CONFIGURATION FILE UPLOAD. INTERRUPTING THE UPLOAD PROCESS

MAY PERMANENTLY DAMAGE YOUR ZYAIR.

Figure 17-4 Menu 24.7 System Maintenance : Upload Firmware

The configuration data, system-related data, the error log and the trace log are all stored in the configuration

file. Please be aware that uploading the configuration file replaces everything contained within.

Menu 24.6 – Restore Configuration

To transfer the firmware and the configuration file, follow the procedure

below:

1. Launch the FTP client on your workstation.

2. Type "open" and the IP address of your router. Then type "root" and

SMT password as requested.

3. Type “put backupfilename rom-0” where backupfilename is the name of

your backup configuration file on your workstation and rom-spt is the

Remote file name on the router. This restores the configuration to your

router.

4. The system reboots automatically after a successful file transfer.

For details on FTP commands, please consult the documentation of your FTP

client program. For details on restoring using TFTP (note that you must

remain in the menu to back up using TFTP), please see your router manual.

Press ENTER to Exit:

Menu 24.7 - System Maintenance - Upload Firmware

1. Upload System Firmware

2. Upload System Configuration File

Enter Menu Selection Number:

ZyAIR B-500 Wireless Access Point User’s Guide

Firmware and Configuraiton File Maintenance 17-7

17.4.1 Firmware Upload

FTP is the preferred method for uploading the firmware and configuration. To use this feature, your

computer must have an FTP client.

When you telnet into the ZyAIR, you will see the following screens for uploading firmware and the

configuration file using FTP.

Figure 17-5 Menu 24.7.1 System Maintenance : Upload System Firmware

17.4.2 Configuration File Upload

You see the following screen when you telnet into menu 24.7.2.

Menu 24.7.1 - System Maintenance - Upload System Firmware

To upload the system firmware, follow the procedure below:

1. Launch the FTP client on your workstation.

2. Type "open" and the IP address of your system. Then type "root" and

SMT password as requested.

3. Type "put firmwarefilename ras" where "firmwarefilename" is the name

of your firmware upgrade file on your workstation and "ras" is the

remote file name on the system.

4. The system reboots automatically after a successful firmware upload.

For details on FTP commands, please consult the documentation of your FTP

client program. For details on uploading system firmware using TFTP (note

that you must remain on this menu to upload system firmware using TFTP),

please see your manual.

Press ENTER to Exit:

ZyAIR B-500 Wireless Access Point User’s Guide

17-8 Firmware and Configuraiton File Maintenance

Figure 17-6 Menu 24.7.2 System Maintenance : Upload System Configuration File

To transfer the firmware and the configuration file, follow these examples:

17.4.3 Using the FTP command from the DOS Prompt Example

Step 1. Launch the FTP client on your computer.

Step 2. Enter “open” and the IP address of your ZyAIR.

Step 3. Press [ENTER] when prompted for a username.

Step 4. Enter “root” and your SMT password as requested. The default is 1234.

Step 5. Enter “bin” to set transfer mode to binary.

Step 6. Use “put” to transfer files from the computer to the ZyAIR, e.g., put firmware.bin ras transfers

the firmware on your computer (firmware.bin) to the ZyAIR and renames it “ras”. Similarly “put

config.rom rom-0” transfers the configuration file on your computer (config.rom) to the ZyAIR

and renames it “rom-0”. Likewise “get rom-0 config.rom” transfers the configuration file on the

ZyAIR to your computer and renames it “config.rom.” See earlier in this chapter for more

information on filename conventions.

Step 7. Enter “quit” to exit the FTP prompt.

Menu 24.7.2 - System Maintenance - Upload System Configuration File

To upload the system configuration file, follow the procedure below:

1. Launch the FTP client on your workstation.

2. Type "open" and the IP address of your system. Then type "root" and

SMT password as requested.

3. Type "put configurationfilename rom-0" where "configurationfilename"

is the name of your system configuration file on your workstation, which

will be transferred to the "rom-0" file on the system.

4. The system reboots automatically after the upload system configuration

file process is complete.

For details on FTP commands, please consult the documentation of your FTP

client program. For details on uploading system firmware using TFTP (note

that you must remain on this menu to upload system firmware using TFTP),

please see your manual.

Press ENTER to Exit:

ZyAIR B-500 Wireless Access Point User’s Guide

Firmware and Configuraiton File Maintenance 17-9

Figure 17-7 FTP Session Example

More commands that you may find in third party FTP clients, are listed earlier in this chapter.

17.4.4 TFTP File Upload

The ZyAIR also supports the up/downloading of the firmware and the configuration file using TFTP

(Trivial File Transfer Protocol) over LAN. Although TFTP should work over WAN as well, it is not

recommended.

To use TFTP, your computer must have both telnet and TFTP clients. To transfer the firmware and the

configuration file, follow the procedure shown next:

Step 1. Use telnet from your computer to connect to the ZyAIR and log in. Because TFTP does not have

any security checks, the ZyAIR records the IP address of the telnet client and accepts TFTP

requests only from this address.

Step 2. Put the SMT in command interpreter (CI) mode by entering 8 in Menu 24 – System

Maintenance.

Step 3. Enter the command “sys stdio 0” to disable the SMT timeout, so the TFTP transfer will not be

interrupted. Enter command “sys stdio 5” to restore the five-minute SMT timeout (default) when

the file transfer is complete.

Step 4. Launch the TFTP client on your computer and connect to the ZyAIR. Set the transfer mode to

binary before starting data transfer.

Step 5. Use the TFTP client (see the example below) to transfer files between the ZyAIR and the

computer. The file name for the firmware is “ras” and the configuration file is “rom-0” (rom-

zero, not capital o).

Note that the telnet connection must be active and the SMT in CI mode before and during the TFTP

transfer. For details on TFTP commands (see following example), please consult the documentation of your

TFTP client program. For UNIX, use “get” to transfer from the ZyAIR to the computer, “put” the other way

around, and “binary” to set binary transfer mode.

331 Enter PASS command

Password:

230 Logged in

ftp> bin

200 Type I OK

ftp> put firmware.bin ras

200 Port command okay

150 Opening data connection for STOR ras

226 File received OK

ftp: 327680 bytes sent in 1.10Seconds 297.89Kbytes/sec.

ftp> quit

ZyAIR B-500 Wireless Access Point User’s Guide

17-10 Firmware and Configuraiton File Maintenance

17.4.5 Example: TFTP Command

The following is an example TFTP command:

TFTP [-i] host put firmware.bin ras

where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the

ZyAIR’s IP address, “put” transfers the file source on the computer (firmware.bin – name of the firmware

on the computer) to the file destination on the remote host (ras - name of the firmware on the ZyAIR).

Commands that you may see in third party TFTP clients are listed earlier in this chapter.

ZyAIR B-500 Wireless Access Point User’s Guide

System Maintenance and Information 18-1

Chapter 18

System Maintenance and Information

This chapter leads you through SMT menus 24.8 and 24.10.

18.1 Command Interpreter Mode

The Command Interpreter (CI) is a part of the main system firmware. The CI provides much of the same

functionality as the SMT, while adding some low-level setup and diagnostic functions. Enter the CI from

the SMT by selecting menu 24.8. See the included disk or the zyxel.com web site for more detailed

information on CI commands. Enter 8 from Menu 24 – System Maintenance. A list of valid commands

can be found by typing help or ? at the command prompt. Type “exit” to return to the SMT main menu

when finished.

Figure 18-1 Menu 24 System Maintenance

Figure 18-2 Valid CI Commands

Menu 24 – System Maintenance

1. System Status

2. System Information and Console Port Speed

3. Log and Trace

4. Diagnostic

5. Backup Configuration

6. Restore Configuration

7. Upload Firmware

8. Command Interpreter Mode

10. Time and Date Setting

Enter Menu Selection Number:

B-500> ?

Valid commands are:

sys exit device ether

config wlan ip ppp

bridge hdap cnm radius

8021x

B-500>

ZyAIR B-500 Wireless Access Point User’s Guide

18-2 System Maintenance and Information

18.2 Time and Date Setting

The ZyAIR keeps track of the time and date. There is also a software mechanism to set the time manually

or get the current time and date from an external server when you turn on your ZyAIR. Menu 24.10 allows

you to update the time and date settings of your ZyAIR. The real time is then displayed in the ZyAIR error

logs and firewall logs.

Step 1. Select menu 24 in the main menu to open Menu 24 – System Maintenance.

Step 2. Then enter 10 to go to Menu 24.10 – System Maintenance – Time and Date Setting to update

the time and date settings of your ZyAIR as shown in the following screen.

Figure 18-3 Menu 24.10 System Maintenance : Time and Date Setting

The following table describes the fields in this menu.

Menu 24.10 - System Maintenance - Time and Date Setting

Use Time Server when Bootup= NTP (RFC-1305)

Time Server Address= 128.105.39.21

Current Time: 05 : 47 : 19

New Time (hh:mm:ss): 05 : 47 : 17

Current Date: 2000 - 01 - 01

New Date (yyyy-mm-dd): 2000 - 01 - 01

Time Zone= GMT

Daylight Saving= No

Start Date (mm-dd): 01 - 01

End Date (mm-dd): 01 - 01

Press ENTER to Confirm or ESC to Cancel:

ZyAIR B-500 Wireless Access Point User’s Guide

System Maintenance and Information 18-3

Table 18-1 Menu 24.10 System Maintenance : Time and Date Setting

FIELD DESCRIPTION

Use Time Server

when Bootup

Enter the time service protocol that your time server sends when you turn on the

ZyAIR. Not all time servers support all protocols, so you may have to check with

your ISP/network administrator or use trial and error to find a protocol that works.

The main differences between them are the format.

Daytime (RFC 867) format is day/month/year/time zone of the server.

Time (RFC-868) format displays a 4-byte integer giving the total number of

seconds since 1970/1/1 at 0:0:0.

NTP (RFC-1305) is similar to Time (RFC-868).

None. The default, enter the time manually.

Time Server

Address

Enter the IP address or domain name of your time server. Check with your

ISP/network administrator if you are unsure of this information.

Current Time This field displays an updated time only when you reenter this menu.

New Time Enter the new time in hour, minute and second format.

Current Date This field displays an updated date only when you re-enter this menu.

New Date Enter the new date in year, month and day format.

Time Zone Press [SPACE BAR] and then [ENTER] to set the time difference between your

time zone and Greenwich Mean Time (GMT).

Daylight Saving If you use daylight savings time, then choose Yes.

Start Date If using daylight savings time, enter the month and day that it starts on.

End Date If using daylight savings time, enter the month and day that it ends on

Once you have filled in this menu, press [ENTER] at the message “Press ENTER to Confirm or ESC to

Cancel“ to save your configuration, or press [ESC] to cancel.

18.2.1 Resetting the Time

The ZyAIR resets the time in three instances:

i. On leaving menu 24.10 after making changes.

ii. When the ZyAIR starts up, if there is a time server configured in menu 24.10.

iii. 24-hour intervals after starting.

Appendices

Part VI:

APPENDICES

This part provides troubleshooting and background information about setting up your computer’s

IP address, wireless LAN, 802.1x and IP subnetting. It also provides information on the command

interpreter interface, NetBIOS commands and logs.

ZyAIR B-500 Wireless Access Point User’s Guide

Troubleshooting A-1

Appendix A

Troubleshooting

This appendix covers potential problems and possible remedies. After each problem description,

some instructions are provided to help you to diagnose and to solve the problem.

Problems Starting Up the ZyAIR

Chart A-1 Troubleshooting the Start-Up of Your ZyAIR

PROBLEM CORRECTIVE ACTION

None of the LEDs

turn on when I

plug in the power

adaptor.

Make sure you are using the supplied power adaptor and that it is plugged in to an

appropriate power source. Check that the power source is turned on.

If the problem persists, you may have a hardware problem. In this case, you should

contact your local vendor.

The ZyAIR

reboots

automatically

sometimes.

The supplied power to the ZyAIR is too low. Check that the ZyAIR is receiving

enough power.

Make sure the power source is working properly.

Problems with the Ethernet Interface

Chart A-2 Troubleshooting the Ethernet Interface

PROBLEM CORRECTIVE ACTION

Cannot access the

ZyAIR from the

LAN.

If the ETHN LED on the front panel is off, check the Ethernet cable connection

between your ZyAIR and the Ethernet device connected to the ETHERNET port.

Check for faulty Ethernet cables.

Make sure your computer’s Ethernet adapter is installed and working properly.

Check the IP address of the Ethernet device. Verify that the IP address and the

subnet mask of the ZyAIR, the Ethernet device and your computer are on the same

subnet.

ZyAIR B-500 Wireless Access Point User’s Guide

A-2 Troubleshooting

Chart A-2 Troubleshooting the Ethernet Interface

PROBLEM CORRECTIVE ACTION

I cannot ping any

computer on the

LAN.

If the ETHN LED on the front panel is off, check the Ethernet cable connections

between your ZyAIR and the Ethernet device.

Check the Ethernet cable connections between the Ethernet device and the LAN

computers.

Check for faulty Ethernet cables.

Make sure the LAN computer’s Ethernet adapter is installed and working properly.

Verify that the IP address and the subnet mask of the ZyAIR, the Ethernet device

and the LAN computers are on the same subnet.

Problems with the Password

Chart A-3 Troubleshooting the Password

PROBLEM CORRECTIVE ACTION

I cannot access

the ZyAIR.

The Password and Username fields are case-sensitive. Make sure that you enter

the correct password and username using the proper casing.

Use the RESET button on the top panel of the ZyAIR to restore the factory default

configuration file (hold this button in for about 10 seconds or until the link LED turns

red). This will restore all of the factory defaults including the password.

Problems with Telnet

Chart A-4 Troubleshooting Telnet

PROBLEM CORRECTIVE ACTION

I cannot access

the ZyAIR through

Telnet.

Refer to the Problems with the Ethernet Interface section for instructions on checking

your Ethernet connection.

ZyAIR B-500 Wireless Access Point User’s Guide

Troubleshooting A-3

Problems with the WLAN Interface

Chart A-5 Troubleshooting the WLAN Interface

PROBLEM CORRECTIVE ACTION

Cannot access the

ZyAIR from the

WLAN.

Make sure the wireless adapter on the wireless station is working properly.

Check that both the ZyAIR and your wireless station are using the same ESSID,

channel and WEP keys (if WEP encryption is activated).

I cannot ping any

computer on the

WLAN.

Make sure the wireless adapter on the wireless station(s) is working properly.

Check that both the ZyAIR and wireless station(s) are using the same ESSID,

channel and WEP keys (if WEP encryption is activated).

ZyAIR B-500 Wireless Access Point User’s Guide

Brute-Force Password Guessing Protection B-1

Appendix B

Brute-Force Password Guessing

Protection

The following describes the commands for enabling, disabling and configuring the brute-force password

guessing protection mechanism for the password. See the Command Interpreter appendix for information

on the command structure.

Chart B-1 Brute-Force Password Guessing Protection Commands

COMMAND DESCRIPTION

sys pwderrtm This command displays the brute-force guessing password protection settings.

sys pwderrtm 0 This command turns off the password's protection from brute-force guessing.

sys pwderrtm N This command sets the password protection to block all access attempts for N (a

number from 1 to 60) minutes after the third time an incorrect password is entered.

Example

sys pwderrtm 5 This command sets the password protection to block all access attempts for five minutes after

the third time an incorrect password is entered.

By default, the brute-force password guessing protection is turned ON with a 3-minute wait time.

ZyAIR B-500 Wireless Access Point User’s Guide

Setting Up Your Computer’s IP Address C-1

Appendix C

Setting up Your Computer’s IP Address

All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed.

Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of

UNIX/LINUX include the software components you need to install and use TCP/IP on your computer.

Windows 3.1 requires the purchase of a third-party TCP/IP application package.

TCP/IP should already be installed on computers using Windows NT/2000/XP, Macintosh OS 7 and later

operating systems.

After the appropriate TCP/IP components are installed, configure the TCP/IP settings in order to

"communicate" with your network.

If you manually assign IP information instead of using dynamic assignment, make sure that your computers

have IP addresses that place them in the same subnet as the ZyAIR's LAN port.

Windows 95/98/Me

Click Start, Settings, Control Panel and double-click the

Network icon to open the Network window.

The Network window Configuration tab displays a list of installed components. You need a network

adapter, the TCP/IP protocol and Client for Microsoft Networks.

ZyAIR B-500 Wireless Access Point User’s Guide

C-2 Setting Up Your Computer’s IP Address

If you need the adapter:

a. In the Network window, click Add.

b. Select Adapter and then click Add.

c. Select the manufacturer and model of your network adapter and then click OK.

If you need TCP/IP:

a. In the Network window, click Add.

b. Select Protocol and then click Add.

c. Select Microsoft from the list of manufacturers.

d. Select TCP/IP from the list of network protocols and then click OK.

If you need Client for Microsoft Networks:

a. Click Add.

b. Select Client and then click Add.

c. Select Microsoft from the list of manufacturers.

d. Select Client for Microsoft Networks from the list of network clients and then click OK.

e. Restart your computer so the changes you made take effect.

In the Network window Configuration tab, select your network adapter's TCP/IP entry and click

Properties.

ZyAIR B-500 Wireless Access Point User’s Guide

Setting Up Your Computer’s IP Address C-3

1. Click the IP Address tab.

-If your IP address is dynamic, select Obtain an

IP address automatically.

-If you have a static IP address, select Specify

an IP address and type your information into

the IP Address and Subnet Mask fields.

2. Click the DNS Configuration tab.

-If you do not know your DNS information, select

Disable DNS.

-If you know your DNS information, select

Enable DNS and type the information in the

fields below (you may not need to fill them all

in).

ZyAIR B-500 Wireless Access Point User’s Guide

C-4 Setting Up Your Computer’s IP Address

Click the Gateway tab.

-If you do not know your gateway’s IP address,

remove previously installed gateways.

-If you have a gateway IP address, type it in the

New gateway field and click Add.

4. Click OK to save and close the TCP/IP Properties window.

5. Click OK to close the Network window. Insert the Windows CD if prompted.

6. Turn on your ZyAIR and restart your computer when prompted.

Verifying Your Computer’s IP Address

1. Click Start and then Run.

2. In the Run window, type "winipcfg" and then click OK to open the IP Configuration window.

3. Select your network adapter. You should see your computer's IP address, subnet mask and default

gateway.

Windows 2000/NT/XP

ZyAIR B-500 Wireless Access Point User’s Guide

Setting Up Your Computer’s IP Address C-5

1. For Windows XP, click start, Control Panel. In

Windows 2000/NT, click Start, Settings, Control

Panel.

2. For Windows XP, click Network

Connections. For Windows 2000/NT, click

Network and Dial-up Connections.

3. Right-click Local Area Connection and

then click Properties.

ZyAIR B-500 Wireless Access Point User’s Guide

C-6 Setting Up Your Computer’s IP Address

4. Select Internet Protocol (TCP/IP) (under the

General tab in Win XP) and click Properties.

5. The Internet Protocol TCP/IP Properties

window opens (the General tab in Windows XP).

-If you have a dynamic IP address click Obtain

an IP address automatically.

-If you have a static IP address click Use the

following IP Address and fill in the IP address,

Subnet mask, and Default gateway fields.

Click Advanced.

ZyAIR B-500 Wireless Access Point User’s Guide

Setting Up Your Computer’s IP Address C-7

6. -If you do not know your gateway's IP address,

remove any previously installed gateways in the

IP Settings tab and click OK.

Do one or more of the following if you want to

configure additional IP addresses:

-In the IP Settings tab, in IP addresses, click

Add.

-In TCP/IP Address, type an IP address in IP

address and a subnet mask in Subnet mask,

and then click Add.

-Repeat the above two steps for each IP address

you want to add.

-Configure additional default gateways in the IP

Settings tab by clicking Add in Default

gateways.

-In TCP/IP Gateway Address, type the IP

address of the default gateway in Gateway. To

manually configure a default metric (the number

of transmission hops), clear the Automatic

metric check box and type a metric in Metric.

-Click Add.

-Repeat the previous three steps for each default gateway you want to add.

-Click OK when finished.

ZyAIR B-500 Wireless Access Point User’s Guide

C-8 Setting Up Your Computer’s IP Address

7. In the Internet Protocol TCP/IP Properties

window (the General tab in Windows XP):

-Click Obtain DNS server address

automatically if you do not know your DNS

server IP address(es).

-If you know your DNS server IP address(es),

click Use the following DNS server addresses,

and type them in the Preferred DNS server and

Alternate DNS server fields.

If you have previously configured DNS servers,

click Advanced and then the DNS tab to order

them.

8. Click OK to close the Internet Protocol (TCP/IP) Properties window.

9. Click OK to close the Local Area Connection Properties window.

10. Turn on your ZyAIR and restart your computer (if prompted).

Verifying Your Computer’s IP Address

1. Click Start, All Programs, Accessories and then Command Prompt.

2. In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also open

Network Connections, right-click a network connection, click Status and then click the Support tab.

Macintosh OS 8/9

ZyAIR B-500 Wireless Access Point User’s Guide

Setting Up Your Computer’s IP Address C-9

1. Click the Apple menu, Control Panel and double-click

TCP/IP to open the TCP/IP Control Panel.

2. Select Ethernet built-in

from the Connect via list.

3. For dynamically assigned settings, select Using DHCP Server from the Configure: list.

ZyAIR B-500 Wireless Access Point User’s Guide

C-10 Setting Up Your Computer’s IP Address

4. For statically assigned settings, do the following:

-From the Configure box, select Manually.

-Type your IP address in the IP Address box.

-Type your subnet mask in the Subnet mask box.

-Type the IP address of your ZyAIR in the Router address box.

5. Close the TCP/IP Control Panel.

6. Click Save if prompted, to save changes to your configuration.

7. Turn on your ZyAIR and restart your computer (if prompted).

Verifying Your Computer’s IP Address

Check your TCP/IP properties in the TCP/IP Control Panel window.

Macintosh OS X

1. Click the Apple menu, and click System Preferences

to open the System Preferences window.

ZyAIR B-500 Wireless Access Point User’s Guide

Setting Up Your Computer’s IP Address C-11

2. Click Network in the icon bar.

- Select Automatic from the Location list.

- Select Built-in Ethernet from the Show list.

- Click the TCP/IP tab.

3. For dynamically assigned settings, select Using DHCP from the Configure list.

4. For statically assigned settings, do the following:

-From the Configure box, select Manually.

-Type your IP address in the IP Address box.

-Type your subnet mask in the Subnet mask box.

-Type the IP address of your ZyAIR in the Router address box.

5. Click Apply Now and close the window.

6. Turn on your ZyAIR and restart your computer (if prompted).

Verifying Your Computer’s IP Address

Check your TCP/IP properties in the Network window.

ZyAIR B-500 Wireless Access Point User’s Guide

Wireless LAN and IEEE 802.11 D-1

Appendix D

Wireless LAN and IEEE 802.11

A wireless LAN (WLAN) provides a flexible data communications system that you can use to access

various services (navigating the Internet, email, printer services, etc.) without the use of a cabled

connection. In effect a wireless LAN environment provides you the freedom to stay connected to the

network while roaming around in the coverage area. WLAN is not available on all models.

Benefits of a Wireless LAN

Wireless LAN offers the following benefits:

1. It provides you with access to network services in areas otherwise hard or expensive to wire, such as

historical buildings, buildings with asbestos materials and classrooms.

2. It provides healthcare workers like doctors and nurses access to a complete patient’s profile on a

handheld or notebook computer upon entering a patient’s room.

3. It allows flexible workgroups a lower total cost of ownership for workspaces that are frequently

reconfigured.

4. It allows conference room users access to the network as they move from meeting to meeting, getting

up-to-date access to information and the ability to communicate decisions while “on the go”.

5. It provides campus-wide networking mobility, allowing enterprises the roaming capability to set up

easy-to-use wireless networks that cover the entire campus transparently.

IEEE 802.11

The 1997 completion of the IEEE 802.11 standard for wireless LANs (WLANs) was a first important step

in the evolutionary development of wireless networking technologies. The standard was developed to

maximize interoperability between differing brands of wireless LANs as well as to introduce a variety of

performance improvements and benefits.

The IEEE 802.11 specifies three different transmission methods for the PHY, the layer responsible for

transferring data between nodes. Two of the methods use spread spectrum RF signals, Direct Sequence

Spread Spectrum (DSSS) and Frequency-Hopping Spread Spectrum (FHSS), in the 2.4 to 2.4825 GHz

ZyAIR B-500 Wireless Access Point User’s Guide

D-2 Wireless LAN and IEEE 802.11

unlicensed ISM (Industrial, Scientific and Medical) band. The third method is infrared technology, using

very high frequencies, just below visible light in the electromagnetic spectrum to carry data.

Ad-hoc Wireless LAN Configuration

The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers

with wireless nodes or stations (STA), which is called a Basic Service Set (BSS). In the most basic form, a

wireless LAN connects a set of computers with wireless adapters. Any time two or more wireless adapters

are within range of each other, they can set up an independent network, which is commonly referred to as

an Ad-hoc network or Independent Basic Service Set (IBSS). See the following diagram of an example of

an Ad-hoc wireless LAN.

Diagram D-1 Peer-to-Peer Communication in an Ad-hoc Network

Infrastructure Wireless LAN Configuration

For infrastructure WLANs, multiple access points (APs) link the WLAN to the wired network and allow

users to efficiently share network resources. The access points not only provide communication with the

wired network but also mediate wireless network traffic in the immediate neighborhood. Multiple access

points can provide wireless coverage for an entire building or campus. All communications between

stations or between a station and a wired network client go through the access point.

ZyAIR B-500 Wireless Access Point User’s Guide

Wireless LAN and IEEE 802.11 D-3

The Extended Service Set (ESS) shown in the next figure consists of a series of overlapping BSSs (each

containing an Access Point) connected together by means of a Distribution System (DS). Although the DS

could be any type of network, it is almost invariably an Ethernet LAN. Mobile nodes can roam between

access points and seamless campus-wide coverage is possible.

Diagram D-2 ESS Provides Campus-Wide Coverage

ZyAIR B-500 Wireless Access Point User’s Guide

Wireless LAN with IEEE 802.1x E-1

Appendix E

Wireless LAN With IEEE 802.1x

As wireless networks become popular for both portable computing and corporate networks, security is now

a priority.

Security Flaws with IEEE 802.11

Wireless networks based on the original IEEE 802.11 have a poor reputation for safety. The IEEE 802.11b

wireless access standard, first published in 1999, was based on the MAC address. As the MAC address is

sent across the wireless link in clear text, it is easy to spoof and fake. Even the WEP (Wire Equivalent

Privacy) data encryption is unreliable as it can be easily decrypted with current computer speed

Deployment Issues with IEEE 802.11

User account management has become a network administrator’s nightmare in a corporate environment, as

the IEEE 802.11b standard does not provide any central user account management. User access control is

done through manual modification of the MAC address table on the access point. Although WEP data

encryption offers a form of data security, you have to reset the WEP key on the clients each time you

change your WEP key on the access point.

IEEE 802.1x

In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support

extended authentication as well as providing additional accounting and control features. It is supported by

Windows XP and a number of network devices.

Advantages of the IEEE 802.1x

• User based identification that allows for roaming.

• Support for RADIUS (Remote Authentication Dial In User Service, RFC 2138, 2139) for

centralized user profile and accounting management on a network RADIUS server.

• Support for EAP (Extensible Authentication Protocol, RFC 2486) that allows additional

authentication methods to be deployed with no changes to the access point or the wireless stations.

ZyAIR B-500 Wireless Access Point User’s Guide

E-2 Wireless LAN with IEEE 802.1x

RADIUS Server Authentication Sequence

The following figure depicts a typical wireless network with a remote RADIUS server for user

authentication using EAPOL (EAP Over LAN).

Diagram E-1 Sequences for EAP MD5–Challenge Authentication

Client computer

access authorized.

Client computer

access not authorized.

ZyAIR B-500 Wireless Access Point User’s Guide

Types of EAP Authentication F-1

Appendix F

Types of EAP Authentication

This appendix discusses the four popular EAP authentication types: EAP-MD5, EAP-TLS, EAP-TTLS

and PEAP. The type of authentication you use depends on the RADIUS server or the AP. Consult your

network administrator for more information.

EAP-MD5 (Message-Digest Algorithm 5)

MD5 authentication is the simplest one-way authentication method. The authentication server sends a

challenge to the wireless station. The wireless station ‘proves’ that it knows the password by encrypting the

password with the challenge and sends back the information. Password is not sent in plain text.

However, MD5 authentication has some weaknesses. Since the authentication server needs to get the

plaintext passwords, the passwords must be stored. Thus someone other than the authentication server may

access the password file. In addition, it is possible to impersonate an authentication server as MD5

authentication method does not perform mutual authentication. Finally, MD5 authentication method does

not support data encryption with dynamic session key. You must configure WEP encryption keys for data

encryption.

EAP-TLS (Transport Layer Security)

With EAP-TLS, digital certifications are needed by both the server and the wireless stations for mutual

authentication. The server presents a certificate to the client. After validating the identity of the server, the

client sends a different certificate to the server. The exchange of certificates is done in the open before a

secured tunnel is created. This makes user identity vulnerable to passive attacks. A digital certificate is an

electronic ID card that authenticates the sender’s identity. However, to implement EAP-TLS, you need a

Certificate Authority (CA) to handle certificates, which imposes a management overhead.

EAP-TTLS (Tunneled Transport Layer Service)

EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the server-side

authentications to establish a secure connection. Client authentication is then done by sending username

and password through the secure connection, thus client identity is protected. For client authentication,

EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and

MS-CHAP v2.

PEAP (Protected EAP)

Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use

simple username and password methods through the secured connection to authenticate the clients, thus

ZyAIR B-500 Wireless Access Point User’s Guide

F-2 Types of EAP Authentication

hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5 and EAP-

MSCHAPv2, for client authentication.

For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys

for data encryption. They are often deployed in corporate environments, but for public deployment, simple

user name and password pair is more practical. The following table is a comparison of the features of four

authentication types.

Comparison of EAP Authentication Types

EAP-MD5 EAP-TLS EAP-TTLS PEAP

Mutual

Authentication

No Yes Yes Yes

Certificate – Client No Yes Optional Optional

Certificate – Server No Yes Yes Yes

Dynamic Key

Exchange

No Yes Yes Yes

Credential Security None Strong Strong Strong

Deployment

Difficulty

Easy Hard Moderate Moderate

Wireless Security Poor Best Good Good

Client Identity

Protection

No No Yes Yes

ZyAIR B-500 Wireless Access Point User’s Guide

IP Subnetting G-1

Appendix G

IP Subnetting

IP Addressing

Routers “route” based on the network number. The router that delivers the data packet to the correct

destination host uses the host ID.

IP Classes

An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example,

192.168.1.1. IP addresses are categorized into different classes. The class of an address depends on the

value of its first octet.

 Class “A” addresses have a 0 in the left most bit. In a class “A” address the first octet is the network

number and the remaining three octets make up the host ID.

 Class “B” addresses have a 1 in the left most bit and a 0 in the next left most bit. In a class “B” address

the first two octets make up the network number and the two remaining octets make up the host ID.

 Class “C” addresses begin (starting from the left) with 1 1 0. In a class “C” address the first three

octets make up the network number and the last octet is the host ID.

 Class “D” addresses begin with 1 1 1 0. Class “D” addresses are used for multicasting. (There is also a

class “E” address. It is reserved for future use.)

Chart G-1 Classes of IP Addresses

IP ADDRESS: OCTET 1 OCTET 2 OCTET 3 OCTET 4

Class A 0 Network number Host ID Host ID Host ID

Class B 10 Network number Network number Host ID Host ID

Class C 110 Network number Network number Network number Host ID

Host IDs of all zeros or all ones are not allowed.

Therefore:

 A class “C” network (8 host bits) can have 28 –2 or 254 hosts.

 A class “B” address (16 host bits) can have 216 –2 or 65534 hosts.

ZyAIR B-500 Wireless Access Point User’s Guide

G-2 IP Subnetting

A class “A” address (24 host bits) can have 224 –2 hosts (approximately 16 million hosts).

Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can

have a value of 0 to 127.

Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B” address

has a valid range of 128 to 191. The first octet of a class “C” address begins with “110”, and therefore has a

range of 192 to 223.

Chart G-2 Allowed IP Address Range By Class

CLASS ALLOWED RANGE OF FIRST OCTET

(BINARY)

ALLOWED RANGE OF FIRST OCTET

(DECIMAL)

Class A 00000000 to 01111111 0 to 127

Class B 10000000 to 10111111 128 to 191

Class C 11000000 to 11011111 192 to 223

Class D 11100000 to 11101111 224 to 239

Subnet Masks

A subnet mask is used to determine which bits are part of the network number, and which bits are part of

the host ID (using a logical AND operation). A subnet mask has 32 bits; each bit of the mask corresponds

to a bit of the IP address. If a bit in the subnet mask is a “1” then the corresponding bit in the IP address is

part of the network number. If a bit in the subnet mask is “0” then the corresponding bit in the IP address is

part of the host ID.

Subnet masks are expressed in dotted decimal notation just as IP addresses are. The “natural” masks for

class A, B and C IP addresses are as follows.

Chart G-3 “Natural” Masks

CLASS NATURAL MASK

A 255.0.0.0

B 255.255.0.0

C 255.255.255.0

Subnetting

With subnetting, the class arrangement of an IP address is ignored. For example, a class C address no

longer has to have 24 bits of network number and 8 bits of host ID. With subnetting, some of the host ID

bits are converted into network number bits. By convention, subnet masks always consist of a continuous

ZyAIR B-500 Wireless Access Point User’s Guide

IP Subnetting G-3

sequence of ones beginning from the left most bit of the mask, followed by a continuous sequence of zeros,

for a total number of 32 bits.

Since the mask is always a continuous number of ones beginning from the left, followed by a continuous

number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of

writing the value of each octet. This is usually specified by writing a “/” followed by the number of bits in

the mask after the address.

For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with mask 255.255.255.128.

The following table shows all possible subnet masks for a class “C” address using both notations.

Chart G-4 Alternative Subnet Mask Notation

SUBNET MASK IP ADDRESS SUBNET MASK “1” BITS LAST OCTET BIT VALUE

255.255.255.0 /24 0000 0000

255.255.255.128 /25 1000 0000

255.255.255.192 /26 1100 0000

255.255.255.224 /27 1110 0000

255.255.255.240 /28 1111 0000

255.255.255.248 /29 1111 1000

255.255.255.252 /30 1111 1100

The first mask shown is the class “C” natural mask. Normally if no mask is specified it is understood that

the natural mask is being used.

Example: Two Subnets

As an example, you have a class “C” address 192.168.1.0 with subnet mask of 255.255.255.0.

NETWORK NUMBER HOST ID

IP Address 192.168.1. 0

IP Address (Binary) 11000000.10101000.00000001. 00000000

Subnet Mask 255.255.255. 0

Subnet Mask (Binary) 11111111.11111111.11111111. 00000000

The first three octets of the address make up the network number (class “C”). You want to have two

separate networks.

ZyAIR B-500 Wireless Access Point User’s Guide

G-4 IP Subnetting

Divide the network 192.168.1.0 into two separate subnets by converting one of the host ID bits of the IP

address to a network number bit. The “borrowed” host ID bit can be either “0” or “1” thus giving two

subnets; 192.168.1.0 with mask 255.255.255.128 and 192.168.1.128 with mask 255.255.255.128.

In the following charts, shaded/bolded last octet bit values indicate host ID bits

“borrowed” to form network ID bits. The number of “borrowed” host ID bits

determines the number of subnets you can have. The remaining number of host

ID bits (after “borrowing”) determines the number of hosts you can have on each

subnet.

Chart G-5 Subnet 1

NETWORK NUMBER LAST OCTET BIT VALUE

IP Address 192.168.1. 0

IP Address (Binary) 11000000.10101000.00000001. 00000000

Subnet Mask 255.255.255. 128

Subnet Mask (Binary) 11111111.11111111.11111111. 10000000

Subnet Address: 192.168.1.0 Lowest Host ID: 192.168.1.1

Broadcast Address: 192.168.1.127 Highest Host ID: 192.168.1.126

Chart G-6 Subnet 2

NETWORK NUMBER LAST OCTET BIT VALUE

IP Address 192.168.1. 128

IP Address (Binary) 11000000.10101000.00000001. 10000000

Subnet Mask 255.255.255. 128

Subnet Mask (Binary) 11111111.11111111.11111111. 10000000

Subnet Address: 192.168.1.128 Lowest Host ID: 192.168.1.129

Broadcast Address: 192.168.1.255 Highest Host ID: 192.168.1.254

The remaining 7 bits determine the number of hosts each subnet can have. Host IDs of all zeros represent

the subnet itself and host IDs of all ones are the broadcast address for that subnet, so the actual number of

hosts available on each subnet in the example above is 27 – 2 or 126 hosts for each subnet.

192.168.1.0 with mask 255.255.255.128 is the subnet itself, and 192.168.1.127 with mask 255.255.255.128

is the directed broadcast address for the first subnet. Therefore, the lowest IP address that can be assigned

ZyAIR B-500 Wireless Access Point User’s Guide

IP Subnetting G-5

to an actual host for the first subnet is 192.168.1.1 and the highest is 192.168.1.126. Similarly the host ID

range for the second subnet is 192.168.1.129 to 192.168.1.254.

Example: Four Subnets

The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two

subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to

give four possible combinations of 00, 01, 10 and 11. The subnet mask is 26 bits

(11111111.11111111.11111111.11000000) or 255.255.255.192. Each subnet contains 6 host ID bits, giving

26-2 or 62 hosts for each subnet (all 0’s is the subnet itself, all 1’s is the broadcast address on the subnet).

Chart G-7 Subnet 1

NETWORK NUMBER LAST OCTET BIT VALUE

IP Address 192.168.1. 0

IP Address (Binary) 11000000.10101000.00000001. 00000000

Subnet Mask (Binary) 11111111.11111111.11111111. 11000000

Subnet Address: 192.168.1.0 Lowest Host ID: 192.168.1.1

Broadcast Address: 192.168.1.63 Highest Host ID: 192.168.1.62

Chart G-8 Subnet 2

NETWORK NUMBER LAST OCTET BIT VALUE

IP Address 192.168.1. 64

IP Address (Binary) 11000000.10101000.00000001. 01000000

Subnet Mask (Binary) 11111111.11111111.11111111. 11000000

Subnet Address: 192.168.1.64 Lowest Host ID: 192.168.1.65

Broadcast Address: 192.168.1.127 Highest Host ID: 192.168.1.126

Chart G-9 Subnet 3

NETWORK NUMBER LAST OCTET BIT VALUE

IP Address 192.168.1. 128

IP Address (Binary) 11000000.10101000.00000001. 10000000

ZyAIR B-500 Wireless Access Point User’s Guide

G-6 IP Subnetting

Chart G-9 Subnet 3

NETWORK NUMBER LAST OCTET BIT VALUE

Subnet Mask (Binary) 11111111.11111111.11111111. 11000000

Subnet Address: 192.168.1.128 Lowest Host ID: 192.168.1.129

Broadcast Address: 192.168.1.191 Highest Host ID: 192.168.1.190

Chart G-10 Subnet 4

NETWORK NUMBER LAST OCTET BIT VALUE

IP Address 192.168.1. 192

IP Address (Binary) 11000000.10101000.00000001. 11000000

Subnet Mask (Binary) 11111111.11111111.11111111. 11000000

Subnet Address: 192.168.1.192 Lowest Host ID: 192.168.1.193

Broadcast Address: 192.168.1.255 Highest Host ID: 192.168.1.254

Example Eight Subnets

Similarly use a 27-bit mask to create 8 subnets (001, 010, 011, 100, 101, 110).

The following table shows class C IP address last octet values for each subnet.

Chart G-11 Eight Subnets

SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS

1 0 1 30 31

2 32 33 62 63

3 64 65 94 95

4 96 97 126 127

5 128 129 158 159

6 160 161 190 191

7 192 193 222 223

8 224 223 254 255

ZyAIR B-500 Wireless Access Point User’s Guide

IP Subnetting G-7

The following table is a summary for class “C” subnet planning.

Chart G-12 Class C Subnet Planning

NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER

SUBNET

1 255.255.255.128 (/25) 2 126

2 255.255.255.192 (/26) 4 62

3 255.255.255.224 (/27) 8 30

4 255.255.255.240 (/28) 16 14

5 255.255.255.248 (/29) 32 6

6 255.255.255.252 (/30) 64 2

7 255.255.255.254 (/31) 128 1

Subnetting With Class A and Class B Networks.

For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network

number and which are part of the host ID.

A class “B” address has two host ID octets available for subnetting and a class “A” address has three host

ID octets (see Chart J-1) available for subnetting.

The following table is a summary for class “B” subnet planning.

Chart G-13 Class B Subnet Planning

NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET

1 255.255.128.0 (/17) 2 32766

2 255.255.192.0 (/18) 4 16382

3 255.255.224.0 (/19) 8 8190

4 255.255.240.0 (/20) 16 4094

5 255.255.248.0 (/21) 32 2046

6 255.255.252.0 (/22) 64 1022

7 255.255.254.0 (/23) 128 510

8 255.255.255.0 (/24) 256 254

ZyAIR B-500 Wireless Access Point User’s Guide

G-8 IP Subnetting

Chart G-13 Class B Subnet Planning

NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET

9 255.255.255.128

(/25)

512 126

10 255.255.255.192

(/26)

1024 62

11 255.255.255.224

(/27)

2048 30

12 255.255.255.240

(/28)

4096 14

13 255.255.255.248

(/29)

8192 6

14 255.255.255.252

(/30)

16384 2

15 255.255.255.254

(/31)

32768 1

ZyAIR B-500 Wireless Access Point User’s Guide

Command Interpreter H-1

Appendix H

Command Interpreter

The following describes how to use the command interpreter. Enter 24 in the main menu to bring up the

system maintenance menu. Enter 8 to go to Menu 24.8 - Command Interpreter Mode. See the included

disk or www.zyxel.com for more detailed information on these commands.

Use of undocumented commands or misconfiguration can damage the unit and

possibly render it unusable.

Command Syntax

The command keywords are in courier new font.

Enter the command keywords exactly as shown, do not abbreviate.

The required fields in a command are enclosed in angle brackets <>.

The optional fields in a command are enclosed in square brackets [].

The |symbol means “or”.

For example,

sys filter netbios config <type> <on|off>

means that you must specify the type of netbios filter and whether to turn it on or off.

Command Usage

A list of valid commands can be found by typing help or ? at the command prompt. Always type the full

command. Type exit to return to the SMT main menu when finished.

ZyAIR B-500 Wireless Access Point User’s Guide

Log Description I-1

Appendix I

Log Descriptions

Chart I-1 System Maintenance Logs

LOG MESSAGE DESCRIPTION

Time calibration is

successful

The ZyAIR has adjusted its time based on information from the time

server.

Time calibration

failed

The ZyAIR failed to get information from the time server.

DHCP client gets %s A DHCP client got a new IP address from the DHCP server.

DHCP client IP

expired

A DHCP client's IP address has expired.

DHCP server assigns

The DHCP server assigned an IP address to a client.

SMT Login

Successfully

Someone has logged on to the ZyAIR 's SMT interface.

SMT Login Fail Someone has failed to log on to the ZyAIR s SMT interface.

WEB Login

Successfully

Someone has logged on to the ZyAIR 's web configurator interface.

WEB Login Fail Someone has failed to log on to the ZyAIR 's web configurator

interface.

TELNET Login

Successfully

Someone has logged on to the ZyAIR via telnet.

TELNET Login Fail Someone has failed to log on to the ZyAIR via telnet.

FTP Login

Successfully

Someone has logged on to the ZyAIR via FTP.

FTP Login Fail Someone has failed to log on to the ZyAIR via FTP.

ZyAIR B-500 Wireless Access Point User’s Guide

I-2 Log Descriptions

Chart I-2 ICMP Notes

TYPE CODE DESCRIPTION

Echo Reply

Echo reply message

Destination Unreachable

Net unreachable

Host unreachable

Protocol unreachable

Port unreachable

A packet that needed fragmentation was dropped because it was set to Don't

Fragment (DF)

Source route failed

Source Quench

A gateway may discard internet datagrams if it does not have the buffer space

needed to queue the datagrams for output to the next network on the route to

the destination network.

Redirect

Redirect datagrams for the Network

Redirect datagrams for the Host

Redirect datagrams for the Type of Service and Network

Redirect datagrams for the Type of Service and Host

Echo

Echo message

Time Exceeded

Time to live exceeded in transit

Fragment reassembly time exceeded

Parameter Problem

Pointer indicates the error

ZyAIR B-500 Wireless Access Point User’s Guide

Log Description I-3

Chart I-2 ICMP Notes

TYPE CODE DESCRIPTION

Timestamp

Timestamp request message

Timestamp Reply

Timestamp reply message

Information Request

Information request message

Information Reply

Information reply message

Chart I-3 Sys log

LOG MESSAGE DESCRIPTION

Mon dd hr:mm:ss hostname

src="<srcIP:srcPort>"

dst="<dstIP:dstPort>"

msg="<msg>" note="<note>"

This message is sent by the "RAS" when this syslog is

generated. The messages and notes are defined in this

appendix’s other charts.

Log Commands

Go to the command interpreter interface (the Command Interpreter Appendix explains how to access and

use the commands).

Configuring What You Want the ZyAIR to Log

Use the sys logs load command to load the log setting buffer that allows you to configure which logs

the ZyAIR is to record.

Use sys logs category followed by a log category and a parameter to decide what to record

ZyAIR B-500 Wireless Access Point User’s Guide

I-4 Log Descriptions

Chart I-4 Log Categories and Available Settings

LOG CATEGORIES AVAILABLE PARAMETERS

8021x 0, 1

access 0, 1, 2, 3

error 0, 1, 2, 3

icmp 0, 1

mten 0, 1

packetfilter 0, 1

remote 0, 1

tcpreset 0, 1

Use 0 to not record logs for that category, 1 to record only logs for that category, 2 to record only

alerts for that category, and 3 to record both logs and alerts for that category.

Use the sys logs save command to store the settings in the ZyAIR (you must do this in order to

record logs).

Displaying Logs

Use the sys logs display command to show all of the logs in the ZyAIR’s log.

Use the sys logs category display command to show the log settings for all of the log

categories.

Use the sys logs display [log category] command to show the logs in an individual ZyAIR

log category.

Use the sys logs clear command to erase all of the ZyAIR’s logs.

Log Command Example

This example shows how to set the ZyAIR to record the error logs and alerts and then view the results.

ras> sys logs load

ras> sys logs category error 3

ras> sys logs save

ras> sys logs display access

ZyAIR B-500 Wireless Access Point User’s Guide

Log Description I-5

# .time source destination

notes

message

0|11/11/2002 15:10:12 |172.22.3.80:137 |172.22.255.255:137

|ACCESS BLOCK

ZyAIR B-500 Wireless Access Point User’s Guide

Index J-1

Appendix J

Index

Address Assignment.........................................3-5, 7-1

Ad-hoc Configuration.............................................D-2

Alternative Subnet Mask Notation ......................... G-3

Applications ............................................................1-4

auto-negotiation.......................................................1-1

backup ...................................................................17-2

Backup.....................................................................9-8

Basic Service Set....................................................D-2

BSS............................................. See Basic Service Set

CA ...........................................................................F-1

Certificate Authority......................................... See CA

Channel ID .....................................................5-6, 12-3

Classes of IP Addresses.......................................... G-1

Collision ................................................................16-2

Command Interpreter ............................................18-1

Community............................................................14-2

Computer’s IP Address .......................................... C-1

CPU Load..............................................................16-3

Customer Support....................................................... v

Data encryption .......................................................3-1

Default...................................................................9-11

DHCP ....................................................................16-4

Diagnostic .............................................................16-6

Diagnostic Tools ...................................................16-1

Direct Sequence Spread Spectrum..........................D-2

Distribution System................................................D-3

DS...........................................See Distribution System

DSSS ............... See Direct Sequence Spread Spectrum

EAP ........................................................................ 1-3

EAP Authentication ................................................ F-1

MD5 ................................................................... F-1

TLS..................................................................... F-1

TTLS .................................................................. F-1

Error Log .............................................................. 16-5

Error/Information Messages

Sample.............................................................. 16-5

ESS .. See Extended Service Set. See Extended Service

Set

ESS ID.................................................................... 3-1

Extended Service Set ...................................... D-3, 5-2

Extended Service Set IDentification ....................... 5-6

FCC .......................................................................... iii

FHSS ......... See Frequency-Hopping Spread Spectrum

Filename Conventions .......................................... 17-1

Firmware File

Maintenance................................................ 9-6, 9-8

Fragment Threshold.............................................. 12-3

Fragmentation Threshold........................................ 5-4

Frequency-Hopping Spread Spectrum ....................D-2

FTP File Transfer.................................................. 17-7

General Setup ......................................... 3-2, 4-1, 11-1

Hidden Menus....................................................... 10-4

Host ........................................................................ 4-3

ZyAIR B-500 Wireless Access Point User’s Guide

J-2 Index

Host IDs..................................................................G-1

IBSS....................... See Independent Basic Service Set

IEEE 802.11 ...........................................................D-1

Deployment Issues ............................................. E-1

Security Flaws.................................................... E-1

IEEE 802.1x ....................................................E-1, 1-3

Advantages......................................................... E-1

Independent Basic Service Set................. D-2, 5-1, 9-5

Infrastructure Configuration ...................................D-2

Internet access........................................................12-1

Internet Access ................................................ 1-4, 1-5

Internet Security Gateway .......................................1-1

IP Address .................... 3-5, 7-1, 7-2, 12-2, 16-4, 16-6

IP Addressing .........................................................G-1

IP Classes................................................................G-1

Link type................................................................16-2

Log and Trace........................................................16-5

Log Descriptions......................................................J-1

Logs .........................................................................8-1

MAC Address Filter Action........................... 6-6, 12-6

MAC Address Filtering .........................................12-5

Main Menu ............................................................10-4

Management Information Base (MIB)...................14-2

MD5........................................................................ F-1

Message Digest Algorithm 5 .........................See MD5

Network Management .............................................1-3

Network Topology With RADIUS Server ExampleE-2

Packets...................................................................16-2

Password............................................... 4-2, 10-1, 14-2

Ping........................................................................16-6

Private IP Address............................................3-5, 7-1

Quick Installation Guide .......................................... xv

RADIUS.................................................................. 1-3

RAS....................................................................... 16-4

Rate

Receiving.......................................................... 16-2

Transmission..................................................... 16-2

Related Documentation............................................ xv

Remote Authentication Dial In User Service ..........See

RADIUS

Remote Node ........................................................ 16-2

Required fields ...................................................... 10-4

Restore .................................................................... 9-9

Restore Configuration........................................... 17-5

RF signals .............................................................. D-1

Roaming

Example.............................................................. 5-7

Requirements...................................................... 5-8

RTS Threshold...............................................5-3, 12-3

Server...................................................................... 4-5

Service ...................................................................... iv

Service Set .............................................................. 5-6

SMT Menu Overview ........................................... 10-2

SNMP

Community ....................................................... 14-3

Configuration.................................................... 14-2

Get .................................................................... 14-2

GetNext ............................................................ 14-2

Manager............................................................ 14-2

MIBs................................................................. 14-2

Set..................................................................... 14-2

Trap .................................................................. 14-2

Traps........................................................ 14-3, 14-4

Trusted Host ..................................................... 14-3

Subnet Mask.................................. 3-5, 7-1, 12-2, 16-4

Subnet Masks ......................................................... G-2

Subnetting .............................................................. G-3

ZyAIR B-500 Wireless Access Point User’s Guide

Index J-3

Supporting Disk........................................................ xv

System

Console Port Speed....................................... 16-4

Diagnostic ...................................................... 16-5

Log and Trace................................................ 16-5

System Information...........................................16-3

System Status....................................................16-1

Time and Date...................................................18-2

System Information ...............................................16-3

System Information & Diagnosis ..........................16-1

System Maintenance..16-1, 16-3, 17-2, 17-4, 17-5, 17-

6, 17-9, 18-1, 18-2, 18-3

System Management Terminal..............................10-4

System Name...........................................................4-2

TCP/IP...................................................................16-6

TFTP File Transfer................................................17-9

Time and Date Setting...........................................18-2

Time Server...........................................................18-3

Time Zone .............................................................18-3

TLS..........................................................................F-1

Trace Records........................................................16-5

Transport Layer Security................................ See TLS

Troubleshooting

Accessing ZyAIR.......................................A-2, A-3

Ethernet Port ...................................................... A-1

Password ............................................................ A-2

Start-Up..............................................................A-1

TTLS....................................................................... F-1

Tunneled Transport Layer Service................See TTLS

Upload Firmware.................................................. 17-6

User Profiles .................................................. 6-9, 13-1

Valid CI Commands ............................................. 18-1

Web Configurator ............................................ 2-1, 2-3

WEP........................................................................ 3-1

WEP Encryption............................................ 6-4, 12-3

Wireless LAN............................................... D-1, 12-2

Benefits ..............................................................D-1

Wireless LAN Setup ............................................. 12-2

Wizard Setup .....................................3-1, 3-2, 3-3, 3-4

WLAN ............................................ See Wireless LAN

ZyNOS......................................................... 17-1, 17-2

ZyNOS F/W Version ............................................ 17-1

ZyXEL Limited Warranty

Note.......................................................................iv

ZyXEL Communications B500 Wireless LAN Access Point User Manual P650H 17 ADSL Router User s Guide

ZyXEL Communications Corporation Wireless LAN Access Point P650H 17 ADSL Router User s Guide

Contents

Users Manual 2

Navigation menu

Namespaces

Views

Navigation