User Manual
Page 2
... fast and easy: the plug-and-play WS2000 automatically detects and configures access ports with a single user ID and password for instant hotspot access in RF management features, controlling the power and channels of the APs providing a high performance, resilient network connection your wired and wireless network - allowing, for example, a chain of coffee shops to provide...
... fast and easy: the plug-and-play WS2000 automatically detects and configures access ports with a single user ID and password for instant hotspot access in RF management features, controlling the power and channels of the APs providing a high performance, resilient network connection your wired and wireless network - allowing, for example, a chain of coffee shops to provide...
Reference Guide
Page 5
... Examine the Approve and Rogue Access Ports 5-33 5.9.4 Setting SNMP Traps for Rogue APs 5-36 5.10 Configuring Wirless Intrusion Protection System (WIPS 5-37 5.11 Wireless Intrusion Detection System 5-38 5.11.1 WIDS Configuration 5-39 5.11.2 Filtered MUs 5-40 5.12 Smart Scan 5-41 5.13 Self Healing 5-42 5.14 Mesh ... Shell Connection Parameters 6-3 6.1.3 Admin Authentication and RADIUS Server Authentication Setup 6-3 6.1.4 Setting Up AirBEAM Software Access 6-3 6.1.5 Applet Timeout Specification 6-4 6.1.6 Changing the Administrator Password 6-4 6.2 Configuring User Authentication 6-4
... Examine the Approve and Rogue Access Ports 5-33 5.9.4 Setting SNMP Traps for Rogue APs 5-36 5.10 Configuring Wirless Intrusion Protection System (WIPS 5-37 5.11 Wireless Intrusion Detection System 5-38 5.11.1 WIDS Configuration 5-39 5.11.2 Filtered MUs 5-40 5.12 Smart Scan 5-41 5.13 Self Healing 5-42 5.14 Mesh ... Shell Connection Parameters 6-3 6.1.3 Admin Authentication and RADIUS Server Authentication Setup 6-3 6.1.4 Setting Up AirBEAM Software Access 6-3 6.1.5 Applet Timeout Specification 6-4 6.1.6 Changing the Administrator Password 6-4 6.2 Configuring User Authentication 6-4
Reference Guide
Page 27
... message displays, and you are prompted to save the changes. Log in both fields, and click the Update Password Now button. Select and change the country of the System Settings screen. 7. If the login is displayed. The... System Setting screen is successful, the following screen displays. 4. Enter a new admin password in using "admin" as the User ID and "symbol" as the Password. 5. Click the Apply button to change the country from Sun's website), and be sure ...' JRE 1.4 or higher (available from the Country drop-down list of operation for the switch. 6.
... message displays, and you are prompted to save the changes. Log in both fields, and click the Update Password Now button. Select and change the country of the System Settings screen. 7. If the login is displayed. The... System Setting screen is successful, the following screen displays. 4. Enter a new admin password in using "admin" as the User ID and "symbol" as the Password. 5. Click the Apply button to change the country from Sun's website), and be sure ...' JRE 1.4 or higher (available from the Country drop-down list of operation for the switch. 6.
Reference Guide
Page 32
... is no traffic. 2-8 WS2000 Wireless Switch System Reference Guide when servers...switch's router to use to arrive at a value. Some ISPs terminate inactive connections, while others do not. One of servers that their clients communicate using this information from the drop-down menu. Many DSL providers require that can translate domain names, such as www.motorola...device to clients on the PPPoE tab under the WAN screen. 1. The username and password are idle. If the ISP drops the connection after every log-in . Select the appropriate WAN authentication method from the network...
... is no traffic. 2-8 WS2000 Wireless Switch System Reference Guide when servers...switch's router to use to arrive at a value. Some ISPs terminate inactive connections, while others do not. One of servers that their clients communicate using this information from the drop-down menu. Many DSL providers require that can translate domain names, such as www.motorola...device to clients on the PPPoE tab under the WAN screen. 1. The username and password are idle. If the ISP drops the connection after every log-in . Select the appropriate WAN authentication method from the network...
Reference Guide
Page 34
... from the clients within the WLAN. In the Network Configuration --> Wireless --> --> --> Security screen, the administrator can set the user authentication method and the encryption method, as well as username, password, and sometimes secret-key information. For testing connectivity...can monitor a network for less than a day and decode its appearance and prevent unauthorized reading. The WS2000 Wireless Switch provides two methods for validating user credentials such as define a set of wireless data. Decryption applies the algorithm in the IEEE Wireless Fidelity (Wi-Fi...
... from the clients within the WLAN. In the Network Configuration --> Wireless --> --> --> Security screen, the administrator can set the user authentication method and the encryption method, as well as username, password, and sometimes secret-key information. For testing connectivity...can monitor a network for less than a day and decode its appearance and prevent unauthorized reading. The WS2000 Wireless Switch provides two methods for validating user credentials such as define a set of wireless data. Decryption applies the algorithm in the IEEE Wireless Fidelity (Wi-Fi...
Reference Guide
Page 50
...through the WAN port. To enable filtering using a user ID and password. This option is only available only when Trunk Port is performed only for Wireless traffic. Set the appropriate filter and click Ok to select a Trunk Port for the switch. The VLAN for a particular MU is identified when the MU ...on the VLAN ID provided by the driver) and processes the packet based on the port. Enter the Default VLAN ID to Wan. 3-14 WS2000 Wireless Switch System Reference Guide The upper part of the screen is used for packets that do not have the VLAN tag inserted. User-based VLAN traffic...
...through the WAN port. To enable filtering using a user ID and password. This option is only available only when Trunk Port is performed only for Wireless traffic. Set the appropriate filter and click Ok to select a Trunk Port for the switch. The VLAN for a particular MU is identified when the MU ...on the VLAN ID provided by the driver) and processes the packet based on the port. Enter the Default VLAN ID to Wan. 3-14 WS2000 Wireless Switch System Reference Guide The upper part of the screen is used for packets that do not have the VLAN tag inserted. User-based VLAN traffic...
Reference Guide
Page 57
.... 2. This number is for the switch. Check Enable in the LAN need to be idle before it disconnects. The username and password is the amount of hosts through a simple device to a remote access concentrator. Many DSL providers require that the network uses when passing information. The facility ... be accessed (addressed) by the outside world will use to address the WS 2000 Wireless Switch. • Click the More IP Addresses button to specify additional static IP addresses for the switch's router to use when connecting to enable this protocol. The pop-up window allows ...
.... 2. This number is for the switch. Check Enable in the LAN need to be idle before it disconnects. The username and password is the amount of hosts through a simple device to a remote access concentrator. Many DSL providers require that the network uses when passing information. The facility ... be accessed (addressed) by the outside world will use to address the WS 2000 Wireless Switch. • Click the More IP Addresses button to specify additional static IP addresses for the switch's router to use when connecting to enable this protocol. The pop-up window allows ...
Reference Guide
Page 58
4-4 WS2000 Wireless Switch System Reference Guide 4. In either case, enabling Keep-Alive mode keeps the switch's WAN connection alive, even when there is logging into knows the same secret value and performs the same mathematical operations. Once connected, the ... menu. PAP An identity verification method used to send a user name and password over the WAN even when client communications to a computer that a hacker could read. 6. Check Keep Alive to instruct the switch to continue occasional communications over a network to the WAN are idle. Select between None, PAP, CHAP, or PAP...
4-4 WS2000 Wireless Switch System Reference Guide 4. In either case, enabling Keep-Alive mode keeps the switch's WAN connection alive, even when there is logging into knows the same secret value and performs the same mathematical operations. Once connected, the ... menu. PAP An identity verification method used to send a user name and password over the WAN even when client communications to a computer that a hacker could read. 6. Check Keep Alive to instruct the switch to continue occasional communications over a network to the WAN are idle. Select between None, PAP, CHAP, or PAP...
Reference Guide
Page 66
... Simple MD5 This option disables the RIP authentication. Both (for example, if the switch manages a private LAN. The MD5 setting activates the RIP v2 Authentication settings for data ... information to provide a simple authentication mechanism to use in stub networks and in the Password (Simple Authentication) field. 5. Available options are available options. ...the Password (Simple Authentication) field. This option enable RIP version 2's simple authentication mechanism. The MD5 algorithm is selected, fill in the Key #1 and Key #2 fields. 4-12 WS2000 Wireless Switch System...
... Simple MD5 This option disables the RIP authentication. Both (for example, if the switch manages a private LAN. The MD5 setting activates the RIP v2 Authentication settings for data ... information to provide a simple authentication mechanism to use in stub networks and in the Password (Simple Authentication) field. 5. Available options are available options. ...the Password (Simple Authentication) field. This option enable RIP version 2's simple authentication mechanism. The MD5 algorithm is selected, fill in the Key #1 and Key #2 fields. 4-12 WS2000 Wireless Switch System...
Reference Guide
Page 67
... between communicating parties. • Integrity ensures that use encryption and tunneling to give users remote access to create a VPN tunnel. The WS 2000 Network Switch provides VPN technology with password authentication or digital signatures) ensures the identity of all communicating parties. In essence, the trust relationship is not altered in any way during...
... between communicating parties. • Integrity ensures that use encryption and tunneling to give users remote access to create a VPN tunnel. The WS 2000 Network Switch provides VPN technology with password authentication or digital signatures) ensures the identity of all communicating parties. In essence, the trust relationship is not altered in any way during...
Reference Guide
Page 81
... the DynDNS account you wish to activate DynDNS configuration. To view or change the DynDNS settings, select Network Configuration --> WAN --> DynDNS from the DynDNS servers. Enter a your Password for the specified domain(s) is a feature offered by www.dyndns.com which displays the hostname, IP ...to update the WS2000's current WAN IP address with that new IP address is sent to use for changes to be specified in the fields below. 2. Enter your Hostname for using the DynDNS service. WAN Configuration 4-27 4.7 Configuring DynDNS The WS 2000 Wireless Switch provides support ...
... the DynDNS account you wish to activate DynDNS configuration. To view or change the DynDNS settings, select Network Configuration --> WAN --> DynDNS from the DynDNS servers. Enter a your Password for the specified domain(s) is a feature offered by www.dyndns.com which displays the hostname, IP ...to update the WS2000's current WAN IP address with that new IP address is sent to use for changes to be specified in the fields below. 2. Enter your Hostname for using the DynDNS service. WAN Configuration 4-27 4.7 Configuring DynDNS The WS 2000 Wireless Switch provides support ...
Reference Guide
Page 90
...authentication (Remote Dial-In User Service, or RADIUS) server on which the primary RADIUS server is optional. On the Network Configuration --> Wireless --> --> Security screen, select the 802.1x EAP radio button to display a sub-screen for specific authentication settings...to both wired and wireless LAN applications. The secondary server acts as username, password, and sometimes, secret-key information. EAP supports multiple authentication measures. Specify the port on the wired side of a secondary (failover) server. 5-8 WS2000 Wireless Switch System Reference Guide The...
...authentication (Remote Dial-In User Service, or RADIUS) server on which the primary RADIUS server is optional. On the Network Configuration --> Wireless --> --> Security screen, select the 802.1x EAP radio button to display a sub-screen for specific authentication settings...to both wired and wireless LAN applications. The secondary server acts as username, password, and sometimes, secret-key information. EAP supports multiple authentication measures. Specify the port on the wired side of a secondary (failover) server. 5-8 WS2000 Wireless Switch System Reference Guide The...
Reference Guide
Page 92
5-10 WS2000 Wireless Switch System Reference Guide 18.Click the Ok button to a server (and vice versa) across an insecure network connection. Using this protocol, a client can encrypt all communications to enable Kerberos authentication. 2. After a client and server.../server applications by using an uppercase version of the DNS domain name that NTP is typically named using secret-key cryptography. Specify a Password for authentication settings. 3. The Key Distribution Center (KDC) implements an authentication service and a ticket granting service, whereby an authorized user...
5-10 WS2000 Wireless Switch System Reference Guide 18.Click the Ok button to a server (and vice versa) across an insecure network connection. Using this protocol, a client can encrypt all communications to enable Kerberos authentication. 2. After a client and server.../server applications by using an uppercase version of the DNS domain name that NTP is typically named using secret-key cryptography. Specify a Password for authentication settings. 3. The Key Distribution Center (KDC) implements an authentication service and a ticket granting service, whereby an authorized user...
Reference Guide
Page 111
...on the left. Using this box to change a WLAN name. It uses a username and password for all wired clients on a WLAN. If the Bandwidth Share Mode is set for each... that the multicast packets for these settings to match. Some VoIP devices make a WLAN active, go to the Wireless screen. 5.8 Setting Up Port Authentication for AP 300 Access Ports ...Wireless Configuration 5-29 Bandwidth Share for Each WLAN Table The fields in this table are not delayed by the packet queue. Select Network Configuration --> [Access Ports] --> 802.1x Port Authentication from the wireless switch...
...on the left. Using this box to change a WLAN name. It uses a username and password for all wired clients on a WLAN. If the Bandwidth Share Mode is set for each... that the multicast packets for these settings to match. Some VoIP devices make a WLAN active, go to the Wireless screen. 5.8 Setting Up Port Authentication for AP 300 Access Ports ...Wireless Configuration 5-29 Bandwidth Share for Each WLAN Table The fields in this table are not delayed by the packet queue. Select Network Configuration --> [Access Ports] --> 802.1x Port Authentication from the wireless switch...
Reference Guide
Page 112
To use the default username click the 5-30 WS2000 Wireless Switch System Reference Guide To set up Port Authentication for all adopted AP 300 Access Ports: 1. In the Username field, specify a 802.1x username for all AP 300 Access Ports adopted by the switch.
To use the default username click the 5-30 WS2000 Wireless Switch System Reference Guide To set up Port Authentication for all adopted AP 300 Access Ports: 1. In the Username field, specify a 802.1x username for all AP 300 Access Ports adopted by the switch.
Reference Guide
Page 127
... RADIUS Server Authentication Setup 6-3 6.1.4 Setting Up AirBEAM Software Access 6-3 6.1.5 Applet Timeout Specification 6-4 6.1.6 Changing the Administrator Password 6-4 6.2 Configuring User Authentication 6-4 6.2.1 Configuring the RADIUS Server 6-5 6.2.2 Configuring Lightweight Directory Access Protocol (LDAP) Authentication 6-7 6.2.3 Setting Up a Proxy RADIUS Server 6-8 6.2.4 Managing the Local User Database 6-9 6.2.5 Adding New Guest Users Quickly 6-11 6.2.6 Setting the User Access Policy 6-12...
... RADIUS Server Authentication Setup 6-3 6.1.4 Setting Up AirBEAM Software Access 6-3 6.1.5 Applet Timeout Specification 6-4 6.1.6 Changing the Administrator Password 6-4 6.2 Configuring User Authentication 6-4 6.2.1 Configuring the RADIUS Server 6-5 6.2.2 Configuring Lightweight Directory Access Protocol (LDAP) Authentication 6-7 6.2.3 Setting Up a Proxy RADIUS Server 6-8 6.2.4 Managing the Local User Database 6-9 6.2.5 Adding New Guest Users Quickly 6-11 6.2.6 Setting the User Access Policy 6-12...
Reference Guide
Page 128
... allow or disallow specific types of the IP addresses associated with the user interface. 6-2 WS2000 Wireless Switch System Reference Guide 6.1 Configuring Administrator Access The WS 2000 Network Management System allows users to log in to the WS 2000 Wireless Switch. You can change the administrative password from the LAN subnets. The default login name for the WS 2000...
... allow or disallow specific types of the IP addresses associated with the user interface. 6-2 WS2000 Wireless Switch System Reference Guide 6.1 Configuring Administrator Access The WS 2000 Network Management System allows users to log in to the WS 2000 Wireless Switch. You can change the administrative password from the LAN subnets. The default login name for the WS 2000...
Reference Guide
Page 129
...wireless network. If the RADIUS button is selected, specify the RADIUS Server IP address, the communication port for the authentication process, and the RADIUS server's Shared Secret (password) to the switch... connection from the switch's CF card. The fields in this section are two methods available for Admin Authentication area. The only way the device can restore the settings...password used for AirBEAM software access. Allows the administrator to access the switch through the command line interface. 22 Allows administrator access to the wireless switch through the WS 2000 Management...
...wireless network. If the RADIUS button is selected, specify the RADIUS Server IP address, the communication port for the authentication process, and the RADIUS server's Shared Secret (password) to the switch... connection from the switch's CF card. The fields in this section are two methods available for Admin Authentication area. The only way the device can restore the settings...password used for AirBEAM software access. Allows the administrator to access the switch through the command line interface. 22 Allows administrator access to the wireless switch through the WS 2000 Management...
Reference Guide
Page 130
... connection will return to change the switch administrator's password. 1. screen will disappear and the focus will never be timed out. 6.1.6 Changing the Administrator Password Click the Change Admin/Manager Password button (In the bottom right of...WS2000 Wireless Switch System Reference Guide 3. Several screens are available to configure the how the RADIUS server authentication works as well as the ability to work with an external LDAP server (see Configuring the RADIUS Server). • The LDAP screen allows the administrator to set a timeout for instructions on which user's password...
... connection will return to change the switch administrator's password. 1. screen will disappear and the focus will never be timed out. 6.1.6 Changing the Administrator Password Click the Change Admin/Manager Password button (In the bottom right of...WS2000 Wireless Switch System Reference Guide 3. Several screens are available to configure the how the RADIUS server authentication works as well as the ability to work with an external LDAP server (see Configuring the RADIUS Server). • The LDAP screen allows the administrator to set a timeout for instructions on which user's password...
Reference Guide
Page 132
...pull-down menu. Subnet/Host This field contains the IP address of the subnet or host that will need to do the conversion. • Password Authentication Protocol (PAP) is a secure hash function which converts a long data stream into a fixed size digest. Click Apply to the list...to the switch will be used in the menu. To create a server certificate, select the Self Certificates screen from the Certificate Mgmt menu. Use the RADIUS Client Authentication table to set up to use on the RADIUS server, select it on the RADIUS server. 6-6 WS2000 Wireless Switch System Reference ...
...pull-down menu. Subnet/Host This field contains the IP address of the subnet or host that will need to do the conversion. • Password Authentication Protocol (PAP) is a secure hash function which converts a long data stream into a fixed size digest. Click Apply to the list...to the switch will be used in the menu. To create a server certificate, select the Self Certificates screen from the Certificate Mgmt menu. Use the RADIUS Client Authentication table to set up to use on the RADIUS server, select it on the RADIUS server. 6-6 WS2000 Wireless Switch System Reference ...