Manuel d'utilisation / d'entretien du produit WRT-410 du fabricant IBM
Aller à la page of 69
80 2 .11g W ir e les s Broadband Router WRT-410 User ’ s Manual.
Co p y right Copyright 2003 by PLANE T T echnology Corp . A ll righ t s r eserved . No par t of t his publication ma y be reproduced, t r ansmit t ed, t r anscribed, s t ored in a ret r ieval syst.
Federal Communication Commissio n (FCC) Radiation Exposure Statement This equipment complies w ith FCC radia t ion e x posure set f orth for an uncontrolled envi r onment.
T A BLE OF CONTENTS C H A P T ER 1 IN T RODUC T I O N ................................................................................................. .1 1.1 P ACKAGE C ON T ENTS .......................................................................
3.5. 5 Fire w all R u l e .......................................................................................................... . 25 3.6 M ANAGEMENT .................................................................................................
- 1 - Chapter 1 I ntroduction Thank you f or purchasing W R T -410. This device features the latest innovation w ireless technology making the w ireless net w orking w orld happened . This manual guides you on ho w to ins t all and properl y use t he W R T -410 in order to t ake full advan t age of i t s features.
- 2 - 1.4 Speci f ica t ion S t a n dards IEEE 8 02 . 11b , IEEE 8 0 2. 1 1g Si g n a l T y pe DSSS ( D irect Seq u ence S p read Spectru m ) Mod u la t i o n BPSK / QPSK / C C K / OF D M Port W A N: .
- 3 - 1.5 W ireles s P e rf o rmance The follo w ing info r ma t ion w ill help you utilizing t he w ireless performance, and opera t ing co v erage of W R T -410.
- 4 - Chapter 2 H ard w a re Installation Before you p r oceed w ith the ins t allation, it is necessary that you have enough info r ma t ion about the W R T -410.
- 5 - Chapter 3 C onf i gure through Web Br o w ser W eb configura t ion provides a user-f r iendly graphical user in t erface ( w eb pages ) to manage you r W R T -410. A W R T -410 w ith an assigned I P add r ess w ill allo w s you to monitor and configure via w eb bro w ser (e.
- 6 - This page enables you to se t LAN and DHCP properties, such as the host name , IP address, subne t mask, and domain name. L A N and DHCP profiles are lis t ed in the DHCP table a t the bottom o f the screen. Host Name: Type the host name in the te x t bo x .
- 7 - M A C A ddress: If required b y your ISP , type the M AC address fo r the W RT-410 W A N in t erface in this field. Y ou can also copy the MAC address of your PC ’ s ne tw ork card to t he W RT - 410 W A N inter f ace b y clicking “ Clone M AC address ” .
- 8 - W hen using PPT P , enter the f ollo w ing info r ma t ion in t he f ields (some information are pro v ided by your ISP): IP A ddress: Type the IP add r ess w hich your ISP provides . Subnet Mask: Type the Subnet M ask w hich your ISP provides. Gate wa y: Type the IP address of Ga t e w ay w hich your ISP provides.
- 9 - A dministrator: Type the pass w ord the Administrato r w ill use to login to the sys t em . The pass w ord mus t be typed again for confi r ma t ion. User: Users can type a pass w ord t o be used fo r logging in t o the system. The pass w ord mus t be typed again for con f irmation.
- 10 - 3.1.5 D y namic DNS Y ou can configure W R T -410 t o use DDNS service if you already have a regis t ered DDNS account. DDN S : Y ou can enable or disable DDNS func t ion here. Server A ddress : Please type in t he url of you r DDNS ser v ice provide r .
- 11 - Enable/D i sable: Enable or disable w ireless LAN via t he W R T-410. SSID: Type an SSID in the field . The SSI D o f any w ireless device mus t ma t ch the SSI D typed here in order f or the w ireless device t o access the LAN and W A N via the W RT - 410.
- 12 - Lifetime : Select prope r time interval from t he d r op-do w n list. Once t he life t ime e x pires, t he Encryption key w ill be rene w ed by RADIUS server automatically. Encr y ption K e y : Select the E ncryption key length t o be 64 - bits or 128-bits.
- 13 - Beacon Interval: Type the beacon interval in the field . Y ou can specify a value from 20 to 1000. The default beacon interval is 100 . RTS Threshold: Type the RTS (Request-To-Send ) th r eshold in the f ield. This value stabilizes da t a f lo w.
- 14 - Firm w a r e Version : Displays the lates t build o f the W RT-410 f irm w are inter f ace. Af t er upgrading the firm w are in Tools -> Fi r m w are, check this to ensure t hat you r firm w are w as successfully upgraded.
- 15 - First Page : Vie w the f irst page of the log message list. Last Page : Vie w the last page of the log message list. Previous Page: Vie w the page just before the current page . Next Page : Vie w the page jus t after t he current page. Clear Log : Delete the conten t s of t he log and begin a ne w log.
- 16 - SMTP Server : Type the SMTP server address f or the email that the log w ill be sent t o in the ne x t field. Send to : Type an email address for t he log to be sent to.
- 17 - Click “ Reset ” to erase all s t a t istics and begin logging s t atistics again. Utilization: Separates packe t transmission statistics in t o send and receive categories.
- 18 - Ne t w ork A ddress : Type the static IP add r ess your net w ork uses to access t he In t ernet . Y our ISP or net w ork administ r ator p r ovides you w ith this in f ormation. Ne t w ork Mask : Type the ne tw ork (subnet) mask fo r your net w ork.
- 19 - N A T : Select the op t ion to enable o r disable NAT. Transmit : Select t he option to set t he desired t r ansmit pa r amete r s. Disabled , RIP 1 o r R I P 2. Receive : Select t he option to set t he desi r ed t r ansmi t parameters . Disabled, RIP 1 or RIP 2.
- 20 - 3.5 A ccess 3.5.1 Filte r s This screen enables you to allo w and deny user access based upon the filte r s you set. I f MAC Filte r s i s selected, the screen appea r s as belo w . M A C Filter: Enables you to allo w or deny In t erne t access f o r users w ithin the LA N based upon the M AC address of their net w ork in t er f ace.
- 21 - The follo w ing screen appea r s once you select I P Filte r s . It enables you to de f ine a minimum and ma x imum IP address r ange filter; all IP addresses falling in the range are not allo w ed Internet access . The I P filter p r ofiles are lis t ed in the t able a t the bot t om of the page.
- 22 - Select Domain B locking, and t he follo w ing screen appea r . Domain Blocking : There are three options in this f ield. S elect the proper setting acco r ding t o you r demand. Permitted Domains : Ente r the domain name in the te x t field, and click “ Add ” but t on to add it to t he lis t .
- 23 - Note: W hen selecting i t ems in the t able at t he bottom, click any w here in the item. The line is selected, and the fields automatically load t he item ' s pa r ameters, w hich you can edit. Protocol Fil t er : Enables you t o allo w or deny In t erne t access to use r s based upon t he communications protocol of the origin.
- 24 - Public Port: Type the port number on the W A N t hat w ill be used to p r ovide access to the virtual server. L A N Server: Type the LAN I P address tha t w ill be assigned to the vi r tual server. A d d: Click to add the virtual server to the table at the bottom of the screen.
- 25 - 3.5.4 DMZ This screen enables you to c r eate a D M Z for those compu t ers that cannot access In t ernet applica t ions prope r ly through the W R T -410 and associated secu r ity se t tings. Enable : Click to enable or disable the D M Z. DMZ Host IP: Type a host I P address for t he D M Z.
- 26 - Enable : Click to enable or disable the f ire w all rule p r ofile. Name : Type a desc r iptive name fo r the fire w all r ule profile . A ction : Select w hether to allo w or deny packets that confo r m to t he rule. Source : Defines the source o f the incoming packet t hat t he r ule is applied t o.
- 27 - Enabled/D i sab l ed : Click to enable or disable SN M P. By default is disabled. S y stem Name: Displays the name given t o the W RT-410. S y stem Location : Displays the location of the W RT-410 (normally, t he DNS name ) . S y stem Contact: Displays the con t act in f ormation for t he pe r son r esponsible for the W RT-410.
- 28 - Enable : Click to enable or disable HTTP access for remo t e management. Remote IP Range: Type the r ange of IP addresses t hat can be used f or remote access. A llo w s t o Ping W A N Port : T h is func t ion allo w s remo t e use r s to ping W RT-410 W A N port I P address.
- 29 - Save Settings : Click to save t he current configuration as a profile tha t you can load w hen necessary. Load Settings: Click “ B r o w se ” and go to the location of a s t ored profile. Click Load t o load the p r ofile's settings. Restore Fac t or y Default Settings : Click t o restore t he de f ault set t ings.
- 30 - 3.8 W izard The setup w izard enables you to configure the W RT-410 quickly and conveniently. Click “ W izard ” button, the w indo w belo w w ill appea r . Please click “ Ne x t> ” and follo w the steps to configu r e W RT-410. Y ou are promp t ed to select a pass w ord.
- 31 - Chapter 4 802 . 1X A uthenticat i on Setup 4.1 8 02. 1 X Infra s tructure An 802.1 X Infrastructu r e is composed o f three majo r componen t s: Authenticato r , Au t hen t ication serve r , and Supplicant. A uthentication server: An entity t hat provides an authentication service to an authenticator .
- 32 - 6. The client validates the digi t al cer t ificate, and replies i t s o w n digi t al cer t ifica t e to t he R A DIUS serve r . 7. The RADIUS server valida t es client ’ s digi t al cer t ificate. 8. The client and RADIUS se r ver derive encryption keys.
- 33 - 6. Enter the info r ma t ion tha t you w ant for your Ce r tifica t e Service, and click “ Next ” to continue . 7. Go to S t art > Program > A dministra t ive Tools > Certif i cate A uthori t y . 8. Right-click on the “ Poli c y S etting ” , select “ new ” .
- 34 - 11. Go to Start > Program > A dministrative Tools > A ctive Director y Users and Computers . 12. Right-click on domain, and select ” Properties ” to con t inue. 13. Selec t “ Group Pol i cy ” tab and click “ Properties ” to con t inue .
- 35 - 14. Go to “ Compu t er Configuration ” > “ Securi t y Settings ” > “ Public K e y Policies ” 15. Right-click “ A utomatic Certificate Request S etting ” , and select “ New ” 16. Click “ A utomatic Certif i cate Request .
- 36 - 17. The Au t oma t ic C erti f icate Request Setup W iza r d w ill guide you th r ough the Automa t ic Certi f icate Request setup , simply click “ Next ” th r ough to t he last step. 18. Click “ Fin i sh ” to complete the Au t omatic Certi f icate Request Setup 19.
- 37 - Setting In t ernet Authenticat i on Service 24. Go to Start > Program > A dministrative Tools > Inte r net A uthentication Service . 25.
- 38 - 28. In the Inte r net Authentication Service, right - click “ R emo t e A ccess Pol i cies ” 29. Selec t “ New Remote A ccess Pol i cy ” .
- 39 - 31. Unless you w ant to specif y the active dura t ion for 802.1 X authentication, click “ OK ” to accept for having 802.1 x authentication enabled a t all times. 32. Selec t “ Grant remo t e access pe r miss i on ” , and click “ Next ” to continue.
- 40 - 33. C lic k “ Edit Profile ” . For TLS Authenticat i on Setup (Steps 34 ~ 35 ) 34. Selec t “ A uthentication ” Tab. 35. Enable “ Extensible A uthentication Protocol ” , and select “ Smart C ard or other Cert i ficate ” f or TLS au t hen t ication.
- 41 - For M D5 Authentication S e t up (Steps 36 ~ 37 ) 36. Selec t “ A uthentication ” Tab. 37. Enable “ Extensible A uthentication Protocol ” . Select “ MD5-Challenge ” and enable “ E ncr y pted A uthentication (CH A P) ” for MD5 authentication.
- 42 - 38. Selec t “ Internet A uthentication Service (Local) ” , click on “ Action ” f r om t op panel. Then click “ Register Service i n A ctive Directory ” . 39. Go to Start > Program > A dministrative Tools > A ctive Director y Users and Computers.
- 43 - 42. Go to “ Computer Conf i guration ” > “ Windows S ettings ” > “ Securi t y Settings ” > “ A ccount Policies ” > “ Password Pol i c i es ” . D ouble click on “ S t ore password us i ng reversib l e enc r y ption for all users in the domain ” .
- 44 - 43. Click “ Define this poli c y s etting ” , select “ E nab l ed ” , and click “ OK ” to continue . 44. Go to Start > Program > A dministrative Tools > A ctive Director y Users and Computers . 45. Go to Users . R ight - click on the use r tha t you are granting access, and selec t “ Propert i es ” .
- 45 - 48. Go to the “ Dial-in ” tab , and check “ A llo w access ” op t ion for Remote Access Pe r mission and “ No Call-back ” for Callback Options.
- 46 - 4.3 A uthenticator Setup 1. For E A P-MD5 Au t hen t ication, W E P key must be set previously. Go t o Wireless> A uthentication. Enable W E P key, and ente r a desi r ed key string. Y ou can skip this step i f using E A P-TLS Authen t ication .
- 47 - 6. En t er the IP address, Por t number, and S hared Secre t K e y used by the Secondar y Radius Server. 7. Click “ A pp ly ” . The 802.1 x settings w ill t ake effect r igh t af t er W RT-410 reboo t s i t sel f. 4.4 W ireles s Clie n t Setup W indo w s XP is originally 802 .
- 48 - 5. Click “ Properties ” of one a v ailable w ireless net w ork, w hich you w ant to associate w ith . 6. Select “ Da t a encr y ption (WEP enabled ) ” option, but leave othe r op t ions unselected .
- 49 - 7. Enter the net w ork key in “ N e t w ork k ey ” t e x t bo x . The string must be t he same as the fi r st set o f W E P key w hich you set t o W RT-410. 8. Click “ OK ” . 9. Select “ A uthentication ” tab. 10. Selec t “ Enab l e ne t work access contro l using IEEE 802.
- 50 - 12. Click “ OK ” . 13. W hen w ireless client has associated w ith W RT - 410, a user authen t ica t ion no t ice appears in system tray. Click on the no t ice to continue. 14. En t er the user name , pass w ord and the logon domain t hat your account belongs.
- 51 - CA server. Fu r the r more , you mus t have a valid account/pass w ord to access the server . 1. Ac t ive w eb bro w ser, en t er “ http:/ / 192 . 168 . 1.10/ce r tsrv ” in t he Add r ess field w hich 192.168.1.10 is the IP address of our server.
- 52 - 5. Click “ Submit > ” to con t inue. 6. The Certi f icate Service is no w processing the cer t ificate request..
- 53 - 7. The cer t ifica t e is issued by t he server, click “ Install t his certificate ” t o do w nload and sto r e the certi f icate t o your local compu t er. 8. Click “ Y es ” to s t ore the certifica t e to your local computer . 9. Certi f icate is no w installed.
- 54 - 2. Right-click on the W ireless Net w ork Connection w hich using W L - 3555. 3. Click “ Properties ” to open up the P r oper t ies setting w indo w . 4. Click on the “ Wireless Ne t work ” t ab. 5. Click “ Properties ” of one a v ailable w ireless net w ork, w hich you w ant to associate w ith .
- 55 - 6. Select “ The k e y is provided for me automatica l ly ” option. 7. Click “ OK ” ..
- 56 - 8. Click “ A uthentication ” tab 9. Select “ Enable ne t work access control using IEEE 802 . 1X ” op t ion t o enable 802.1 x authen t ica t ion. 10. Selec t “ Smart Card or other Certificate ” from the drop-do w n list bo x for EAP type.
- 57 - 13. Selec t the cer t ifica t e that w as issued by the server (in ou r demons t ration: W irelessCA), and click “ OK ” to continue. 14. M ake su r e this cer t ificate is issued by correct server, and click “ OK ” to complete the au t hentica t ion process.
- 58 - Chapter 5 Troubleshooting This chapter provides solutions to problems usually encoun t ered during the ins t alla t ion and ope r ation of the Wireless Broadband Router .
- 59 - This ne w produc t s use the A CX 100 chip from T e x as Instrumen t s. In addition to mee t ing t he e x isting s t andard, t he chip also suppo rt s a ne w modulation scheme developed by TI, called Packet Binar y Convolution C ode (PBCC).
- 60 - DNS DNS s t ands for D omain Name Sys t em . DNS conver t s machine names to the I P add r esses tha t a l l machines on the net have. It t r anslates from name to address and from address t o name . DOM A IN N A ME The domain name typically re f ers to an I nte r net site add r ess .
- 61 - IP I P (Internet Pro t ocol) is the protocol in the TCP/I P communications protocol suite that con t ains a net w or k address and allo w s messages to be routed to a di f ferent net w ork or subnet. H o w eve r , I P does not ensu r e delivery of a complete message — TC P provides the f unction of ensuring deliver y .
- 62 - PING Ping (Packet INte r net Groper) is a utility used to find out if a p articular I P address is present online, and is usually used by net w orks f or debugging. PORT Por t s a r e the communications pa t h w ays in and out of compu t ers and net w ork devices (route r s and s w itches ) .
- 63 - w ith an incoming I P address to dete r mine w hether t o accept or reject t he p acket. SYSLOG SERVER A SysLog server monitors incoming Syslog messages and decodes the messages f or logging purposes.
- 64 - W LAN. W AN W A N ( W ide Area Net w ork ) is a communica t ions net w ork t hat covers a w ide geographic area such as a country (cont r as t ed w ith a L A N, w hich cove r s a small area such as a com p any building).
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté IBM WRT-410 c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du IBM WRT-410 - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation IBM WRT-410, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le IBM WRT-410 va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le IBM WRT-410, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du IBM WRT-410.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le IBM WRT-410. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei IBM WRT-410 ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.