Reference Guide
Page 4
TOC-2 WS2000 Wireless Switch System Reference Guide 3.2.1 The DHCP Configuration 3-4 3.2.2 Advanced DHCP Settings 3-5 3.3 Configuring Subnet Access 3-6 3.3.1 The Access Overview Table 3-7 3.3.2 The Access Exception Area 3-7 3.4 Advanced Subnet Access Settings 3-9 3.5 Bridge Configuration 3-12 3.6 Virtual LAN (VLAN) Configuration 3-13 3.7 Configuring IP Filtering 3-15 3.8 Port Configuration 3-17 Chapter 4: WAN Configuration 4.1 Configuring the WAN Interface 4-2 4.1.1 Configuring WAN IP Information 4-2 4.1.2 Setting Up...
TOC-2 WS2000 Wireless Switch System Reference Guide 3.2.1 The DHCP Configuration 3-4 3.2.2 Advanced DHCP Settings 3-5 3.3 Configuring Subnet Access 3-6 3.3.1 The Access Overview Table 3-7 3.3.2 The Access Exception Area 3-7 3.4 Advanced Subnet Access Settings 3-9 3.5 Bridge Configuration 3-12 3.6 Virtual LAN (VLAN) Configuration 3-13 3.7 Configuring IP Filtering 3-15 3.8 Port Configuration 3-17 Chapter 4: WAN Configuration 4.1 Configuring the WAN Interface 4-2 4.1.1 Configuring WAN IP Information 4-2 4.1.2 Setting Up...
Reference Guide
Page 5
...WPA2-CCMP (802.11i) Encryption 5-13 5.3.8 KeyGuard 5-14 5.3.9 No Encryption 5-14 5.3.10 IP Filtering 5-15 5.3.11 Mobile Unit Access Control List (ACL 5-15 5.4 Configuring Access Ports 5-16 5.5 Setting Default Access Port Settings 5-19 5.5.1 Common Settings to All Radio Types 5-20 5.5.2 Radio-Specific ...and Rogue Access Ports 5-33 5.9.4 Setting SNMP Traps for Rogue APs 5-36 5.10 Configuring Wirless Intrusion Protection System (WIPS 5-37 5.11 Wireless Intrusion Detection System 5-38 5.11.1 WIDS Configuration 5-39 5.11.2 Filtered MUs 5-40 5.12 Smart Scan 5-41 5.13 Self Healing 5-...
...WPA2-CCMP (802.11i) Encryption 5-13 5.3.8 KeyGuard 5-14 5.3.9 No Encryption 5-14 5.3.10 IP Filtering 5-15 5.3.11 Mobile Unit Access Control List (ACL 5-15 5.4 Configuring Access Ports 5-16 5.5 Setting Default Access Port Settings 5-19 5.5.1 Common Settings to All Radio Types 5-20 5.5.2 Radio-Specific ...and Rogue Access Ports 5-33 5.9.4 Setting SNMP Traps for Rogue APs 5-36 5.10 Configuring Wirless Intrusion Protection System (WIPS 5-37 5.11 Wireless Intrusion Detection System 5-38 5.11.1 WIDS Configuration 5-39 5.11.2 Filtered MUs 5-40 5.12 Smart Scan 5-41 5.13 Self Healing 5-...
Reference Guide
Page 8
TOC-6 WS2000 Wireless Switch System Reference Guide 12.2 The Plan 12-3 12.3 Contacting the Wireless Switch 12-4 12.3.1 Entering the Basic System Settings 12-5 12.3.2 Setting Access Control 12-6 12.3.3 The IP Address Plan 12-7 12.4 Configuring POS Subnet 12-8 12.5 Configuring the Printer Subnet 12-9 12.6 Configuring the Cafe Subnet... 12.7 Configuring the WAN Interface 12-12 12.8 Configuring Network Address Translation (NAT 12-13 12.9 Inspecting the Firewall 12-14 12.10 Configuring the Access Ports 12-15 12.10.1 Setting Access Port Defaults 12-15 12.10.2 Naming the POS Access Port 12...
TOC-6 WS2000 Wireless Switch System Reference Guide 12.2 The Plan 12-3 12.3 Contacting the Wireless Switch 12-4 12.3.1 Entering the Basic System Settings 12-5 12.3.2 Setting Access Control 12-6 12.3.3 The IP Address Plan 12-7 12.4 Configuring POS Subnet 12-8 12.5 Configuring the Printer Subnet 12-9 12.6 Configuring the Cafe Subnet... 12.7 Configuring the WAN Interface 12-12 12.8 Configuring Network Address Translation (NAT 12-13 12.9 Inspecting the Firewall 12-14 12.10 Configuring the Access Ports 12-15 12.10.1 Setting Access Port Defaults 12-15 12.10.2 Naming the POS Access Port 12...
Reference Guide
Page 28
... provided in the DNS Server IP Address field. Unapplied changes are being administered. 2. Select System Configuration --> SNMP Access from the drop-down menu. The switch uses this address for more information. Enter a text description of the location of the switch in the lower-left menu to a different screen. 2-4 WS2000 Wireless Switch System Reference Guide Step 3: Set...
... provided in the DNS Server IP Address field. Unapplied changes are being administered. 2. Select System Configuration --> SNMP Access from the drop-down menu. The switch uses this address for more information. Enter a text description of the location of the switch in the lower-left menu to a different screen. 2-4 WS2000 Wireless Switch System Reference Guide Step 3: Set...
Reference Guide
Page 30
...and associated wireless LANs (WLANs). 1. All other default settings are fine for the mobile devices. The switch includes internal DHCP server and client features, and the subnet's interface can include some combination of the switch-managed local area network (LAN). Select Network Configuration ... and refine the configuration of these parameters are IP address, network mask, and gateway. Click the Apply button to a host. 2-6 WS2000 Wireless Switch System Reference Guide Step 5: Configure Subnet1 The WS2000 Network Management System allows the administrator to make sure that lights...
...and associated wireless LANs (WLANs). 1. All other default settings are fine for the mobile devices. The switch includes internal DHCP server and client features, and the subnet's interface can include some combination of the switch-managed local area network (LAN). Select Network Configuration ... and refine the configuration of these parameters are IP address, network mask, and gateway. Click the Apply button to a host. 2-6 WS2000 Wireless Switch System Reference Guide Step 5: Configure Subnet1 The WS2000 Network Management System allows the administrator to make sure that lights...
Reference Guide
Page 32
... users. An identity verification method used for authentication. 2-8 WS2000 Wireless Switch System Reference Guide when servers in the PPP over Ethernet area... network uses when passing information. CHAP PAP A type of authentication is to launch an attack. 6. One of hosts through a simple device ...default idle time is no traffic. This is less secure, because the username and password travel as www.motorola.com, into , knows the same secret value and performs the same mathematical operations to arrive at a value. To set up to eight WAN IP addresses for the switch...
... users. An identity verification method used for authentication. 2-8 WS2000 Wireless Switch System Reference Guide when servers in the PPP over Ethernet area... network uses when passing information. CHAP PAP A type of authentication is to launch an attack. 6. One of hosts through a simple device ...default idle time is no traffic. This is less secure, because the username and password travel as www.motorola.com, into , knows the same secret value and performs the same mathematical operations to arrive at a value. To set up to eight WAN IP addresses for the switch...
Reference Guide
Page 35
...such as www.motorola.com) on the mobile device. 4. You might be necessary. 1. Open a Web browser and type the IP address: 192.168....0.1. Mobile Unit Access Control List (ACL) This list is used to review the status of exception. By default...). Step 9: Test Connectivity At this stage. The WS 2000 Switch Management screen should appear. Add a key to access the LAN. ...does not appear on the MU Stats screen, recheck the network and WEP settings on the WAN. This ensures that the MU is...
...such as www.motorola.com) on the mobile device. 4. You might be necessary. 1. Open a Web browser and type the IP address: 192.168....0.1. Mobile Unit Access Control List (ACL) This list is used to review the status of exception. By default...). Step 9: Test Connectivity At this stage. The WS 2000 Switch Management screen should appear. Add a key to access the LAN. ...does not appear on the MU Stats screen, recheck the network and WEP settings on the WAN. This ensures that the MU is...
Reference Guide
Page 41
...when the IP address associated with the IP allotted to further customize IP address allocation. 2. If your network has a Windows Internet Name Service (WINS) server, specify its IP address in the Single or Multiple user class ID format. LAN/Subnet Configuration 3-5 3.2.2 Advanced DHCP Settings 1. The switch then ...the DHCP server, the DHCP server then updates the DNS server with that networks can provide this subnet's presence on the subnet, check the box labeled Enable Dynamic DNS. Specify the Default Gateway IP address for the DDNS messages. 3. A WINS server allows you to map...
...when the IP address associated with the IP allotted to further customize IP address allocation. 2. If your network has a Windows Internet Name Service (WINS) server, specify its IP address in the Single or Multiple user class ID format. LAN/Subnet Configuration 3-5 3.2.2 Advanced DHCP Settings 1. The switch then ...the DHCP server, the DHCP server then updates the DNS server with that networks can provide this subnet's presence on the subnet, check the box labeled Enable Dynamic DNS. Specify the Default Gateway IP address for the DDNS messages. 3. A WINS server allows you to map...
Reference Guide
Page 45
... inbound and outbound policies. Such encapsulation allows routing of ports. 6. When default option is unreliable. The screen consists of Internet Protocol (IP) networks. Like TCP, UDP runs on receiving ICMP packets for encapsulating network layer protocols over the Internet. Because ICMP uses IP, ICMP packet delivery is selected, logging will display either the inbound or...
... inbound and outbound policies. Such encapsulation allows routing of ports. 6. When default option is unreliable. The screen consists of Internet Protocol (IP) networks. Like TCP, UDP runs on receiving ICMP packets for encapsulating network layer protocols over the Internet. Because ICMP uses IP, ICMP packet delivery is selected, logging will display either the inbound or...
Reference Guide
Page 48
... IP address and translation port for the reverse NAT host. To configure Bridging, select Network Configuration --> LAN --> and select the Bridging tab. Set the Priority as low as the root). Motorola recommends assigning a Base Bridge AP with a default bridge priority of the same network. 3-12 WS2000 Wireless Switch System...Layer 2 of the STP does not get altered. Set the Priority for a firewall rule, enter this field. Bridges are data link layer devices. NAT (Reverse NAT) (inbound) / NAT (outbound)-To enable NAT or reverse NAT for the bridge. To configure the bridge: 1. ...
... IP address and translation port for the reverse NAT host. To configure Bridging, select Network Configuration --> LAN --> and select the Bridging tab. Set the Priority as low as the root). Motorola recommends assigning a Base Bridge AP with a default bridge priority of the same network. 3-12 WS2000 Wireless Switch System...Layer 2 of the STP does not get altered. Set the Priority for a firewall rule, enter this field. Bridges are data link layer devices. NAT (Reverse NAT) (inbound) / NAT (outbound)-To enable NAT or reverse NAT for the bridge. To configure the bridge: 1. ...
Reference Guide
Page 50
... If the VLAN Type is User Based, then the Default VLAN ID must be one of the IDs assigned to select a Trunk Port for Wireless traffic. To enable filtering using a user ID and password. To add an IP filter, click IP Filtering button. Set the appropriate filter and click Ok to... Enter a list of allowed VLANs between 1 and 4094 in Port-based VLANs applies. 2. The IP Filtering dialog appears. 3-14 WS2000 Wireless Switch System Reference Guide The upper part of the screen is used for this switch. For each subnet is mapped to select a VLAN Type for packets that do not have the VLAN...
... If the VLAN Type is User Based, then the Default VLAN ID must be one of the IDs assigned to select a Trunk Port for Wireless traffic. To enable filtering using a user ID and password. To add an IP filter, click IP Filtering button. Set the appropriate filter and click Ok to... Enter a list of allowed VLANs between 1 and 4094 in Port-based VLANs applies. 2. The IP Filtering dialog appears. 3-14 WS2000 Wireless Switch System Reference Guide The upper part of the screen is used for this switch. For each subnet is mapped to select a VLAN Type for packets that do not have the VLAN...
Reference Guide
Page 51
... Trunking VLANs Through the WAN Port. 3.7 Configuring IP Filtering IP based filtering allows administrators to configure Incoming and Outgoing IP filtering policies on IP Address or as a default rule for all of rules used for broadcasting data over an IP network. Filters can then be unique for each filter ...rule that is a set up based on packets within the same Subnet / WLAN and between wired and wireless ...
... Trunking VLANs Through the WAN Port. 3.7 Configuring IP Filtering IP based filtering allows administrators to configure Incoming and Outgoing IP filtering policies on IP Address or as a default rule for all of rules used for broadcasting data over an IP network. Filters can then be unique for each filter ...rule that is a set up based on packets within the same Subnet / WLAN and between wired and wireless ...
Reference Guide
Page 53
Enter the destination IP range for the filtering rule in the Src Start and Src End fields. 6. To disable this field will apply the filtering to all ports on your network configuration. To ...use this , select Disable from the Speed drop-down list. The default is in one direction at a time. Use this IP Filtering rule to apply to enable or disable each of the filtering... Description RAW_IP RAW IP is used when communication is enabled, the WS2000 determines the best operating speed and the duplex states for each port. It can be selected based on the switch. 5. Select a...
Enter the destination IP range for the filtering rule in the Src Start and Src End fields. 6. To disable this field will apply the filtering to all ports on your network configuration. To ...use this , select Disable from the Speed drop-down list. The default is in one direction at a time. Use this IP Filtering rule to apply to enable or disable each of the filtering... Description RAW_IP RAW IP is used when communication is enabled, the WS2000 determines the best operating speed and the duplex states for each port. It can be selected based on the switch. 5. Select a...
Reference Guide
Page 55
WAN Configuration 4.1 Configuring the WAN Interface 4-2 4.1.1 Configuring WAN IP Information 4-2 4.1.2 Setting Up Point-to-Point over Ethernet (PPPoE) Communication 4-3 4.2 Configuring the WS 2000 Firewall 4-5 4.2.1 Disabling the Firewall 4-5 4.2.2 Setting the NAT Timeout 4-5 4.2.3 Configurable Firewall Filters 4-6 4.3 Configuring Network Address Translation (NAT 4-8 4.4 Configuring Static Routes 4-10 4.4.1 Configuring the Default Gateway Interface 4-10 4.4.2 Creating User Defined Routes 4-11...
WAN Configuration 4.1 Configuring the WAN Interface 4-2 4.1.1 Configuring WAN IP Information 4-2 4.1.2 Setting Up Point-to-Point over Ethernet (PPPoE) Communication 4-3 4.2 Configuring the WS 2000 Firewall 4-5 4.2.1 Disabling the Firewall 4-5 4.2.2 Setting the NAT Timeout 4-5 4.2.3 Configurable Firewall Filters 4-6 4.3 Configuring Network Address Translation (NAT 4-8 4.4 Configuring Static Routes 4-10 4.4.1 Configuring the Default Gateway Interface 4-10 4.4.2 Creating User Defined Routes 4-11...
Reference Guide
Page 57
... amount of hosts through a simple device to a remote access concentrator. This number is for the switch's router to use to address the WS 2000 Wireless Switch. • Click the More IP Addresses button to specify additional static IP addresses for the switch. Additional IP addresses are required when users within ...Check with the network administrator or ISP to determine whether to enable this protocol. The pop-up window allows the administrator to enter up to eight WAN IP addresses for the switch. • The Subnet Mask is the mask used for the WAN. • The Default Gateway is not...
... amount of hosts through a simple device to a remote access concentrator. This number is for the switch's router to use to address the WS 2000 Wireless Switch. • Click the More IP Addresses button to specify additional static IP addresses for the switch. Additional IP addresses are required when users within ...Check with the network administrator or ISP to determine whether to enable this protocol. The pop-up window allows the administrator to enter up to eight WAN IP addresses for the switch. • The Subnet Mask is the mask used for the WAN. • The Default Gateway is not...
Reference Guide
Page 58
... alive, even when there is logging into knows the same secret value and performs the same mathematical operations. 4-4 WS2000 Wireless Switch System Reference Guide 4. PAP An identity verification method used to send a user name and password over the WAN ...Check Keep Alive to instruct the switch to continue occasional communications over a network to a computer that a hacker could read. 6. Select between None, PAP, CHAP, or PAP or CHAP. Once connected, the PPPoE State section will display the provided IP Address, Default Gateway, Primary DNS Server and Secondary...
... alive, even when there is logging into knows the same secret value and performs the same mathematical operations. 4-4 WS2000 Wireless Switch System Reference Guide 4. PAP An identity verification method used to send a user name and password over the WAN ...Check Keep Alive to instruct the switch to continue occasional communications over a network to a computer that a hacker could read. 6. Select between None, PAP, CHAP, or PAP or CHAP. Once connected, the PPPoE State section will display the provided IP Address, Default Gateway, Primary DNS Server and Secondary...
Reference Guide
Page 59
.../IP packet going through the firewall. If the table has no rows, the timeout value entered in the TCP Default Timeout is used . Check Disable Firewall if the filters should not be used to protect internal networks from known Internet attacks. In WS 2000 Wireless Switch,...that can be enabled or disabled with WS2000. The table below TCP Default Timeout field enables you to screen information packets for the WAN uplink. WAN Configuration 4-5 4.2 Configuring the WS 2000 Firewall The WS 2000 Wireless Switch provides a secure firewall/Network Address Translation (NAT) solution for ...
.../IP packet going through the firewall. If the table has no rows, the timeout value entered in the TCP Default Timeout is used . Check Disable Firewall if the filters should not be used to protect internal networks from known Internet attacks. In WS 2000 Wireless Switch,...that can be enabled or disabled with WS2000. The table below TCP Default Timeout field enables you to screen information packets for the WAN uplink. WAN Configuration 4-5 4.2 Configuring the WS 2000 Firewall The WS 2000 Wireless Switch provides a secure firewall/Network Address Translation (NAT) solution for ...
Reference Guide
Page 60
... if one of the following things is true: • The switch is a global configuration for any TCP/IP packets going through a network, while exploiting the use as message units over the Internet. 4-6 WS2000 Wireless Switch System Reference Guide Enter a default timeout value (in seconds) for the switch to use of an intermediate host to gain access to a private...
... if one of the following things is true: • The switch is a global configuration for any TCP/IP packets going through a network, while exploiting the use as message units over the Internet. 4-6 WS2000 Wireless Switch System Reference Guide Enter a default timeout value (in seconds) for the switch to use of an intermediate host to gain access to a private...
Reference Guide
Page 64
...the WAN, and the router. To view this option will be used as the Default Gateway Interface for all unspecified ports to check box and then specify an IP address to enable port forwarding for all unspecified routes. The available options are those...screen, select Network Configuration --> Router from settings applied on the Subnet and WAN screens. Click the Forward all unspecified routes. Click the Apply button on the switch-managed LAN. WAN Sets the WAN interface as the Default Gateway Interface for unspecified routes. 4-10 WS2000 Wireless Switch System Reference Guide...
...the WAN, and the router. To view this option will be used as the Default Gateway Interface for all unspecified ports to check box and then specify an IP address to enable port forwarding for all unspecified routes. The available options are those...screen, select Network Configuration --> Router from settings applied on the Subnet and WAN screens. Click the Forward all unspecified routes. Click the Apply button on the switch-managed LAN. WAN Sets the WAN interface as the Default Gateway Interface for unspecified routes. 4-10 WS2000 Wireless Switch System Reference Guide...
Reference Guide
Page 65
... the administrator to select the type of RIP and the type of RIP authentication used by the switch. WAN Configuration 4-11 Subnet 2 Subnet 3 Subnet 4 If Subnet 2 is enabled, sets it as the Default Gateway Interface for all unspecified routes. If Subnet 3 is enabled, sets it as the... for all unspecified routes. If RIP is used by router protocols to determine the best hop routes. 4. Specify the destination IP address, subnet mask, and gateway information for data that the administrator adds. Internal static routes are generated using the Routing Information Protocol (...
... the administrator to select the type of RIP and the type of RIP authentication used by the switch. WAN Configuration 4-11 Subnet 2 Subnet 3 Subnet 4 If Subnet 2 is enabled, sets it as the Default Gateway Interface for all unspecified routes. If Subnet 3 is enabled, sets it as the... for all unspecified routes. If RIP is used by router protocols to determine the best hop routes. 4. Specify the destination IP address, subnet mask, and gateway information for data that the administrator adds. Internal static routes are generated using the Routing Information Protocol (...