User Guide
Page 4
...the 3COM Wireless Infrastructure Device Manager (Widman) utility 3-2 Launching the 3com Wireless Interface Device Manager 3-2 First Time Only 3-4 Using the Setup Wizard 3-4 4 System Configuration Advanced Setup 4-2 System Identification 4-4 TCP / IP Settings 4-5 RADIUS 4-8 Authentication 4-9 Filter Control 4-14 VLAN 4-16 SNMP 4-18 Configuring SNMP and Trap Message Parameters Configuring SNMPv3 Users 4-21 4-18 Administration 4-22 Changing the Password 4-22 Telnet and SSH Settings 4-23 Upgrading Firmware 4-24 WDS and Spanning Tree Settings 4-27 System Log 4-33 Enabling System Logging 4-33...
...the 3COM Wireless Infrastructure Device Manager (Widman) utility 3-2 Launching the 3com Wireless Interface Device Manager 3-2 First Time Only 3-4 Using the Setup Wizard 3-4 4 System Configuration Advanced Setup 4-2 System Identification 4-4 TCP / IP Settings 4-5 RADIUS 4-8 Authentication 4-9 Filter Control 4-14 VLAN 4-16 SNMP 4-18 Configuring SNMP and Trap Message Parameters Configuring SNMPv3 Users 4-21 4-18 Administration 4-22 Changing the Password 4-22 Telnet and SSH Settings 4-23 Upgrading Firmware 4-24 WDS and Spanning Tree Settings 4-27 System Log 4-33 Enabling System Logging 4-33...
User Guide
Page 12
... the network using an embedded web server browser. However, is subject to a greater risk of radio interference because it easier than ever to -reach locations. With Power over Ethernet (PoE) support, the same Category 5 cable that connects your wired network. For those organizations demanding even higher speeds, a "turbo mode" feature can help you are: Maintaining support for existing 802.11b users and the existing wireless investment...
... the network using an embedded web server browser. However, is subject to a greater risk of radio interference because it easier than ever to -reach locations. With Power over Ethernet (PoE) support, the same Category 5 cable that connects your wired network. For those organizations demanding even higher speeds, a "turbo mode" feature can help you are: Maintaining support for existing 802.11b users and the existing wireless investment...
User Guide
Page 23
... Ethernet LAN. Off No link is used to reset the access point or restore the factory default configuration. If you may have made are removed, and the factory default configuration is a fault with the power supply. RESET BUTTON This button is present. Table 1 System LEDs LED Color Indicates Power Green The access point is proportional to the access point. 2-9 Flashing rate is powered up and operating normally. Off No link is connected, the access point LEDs light. Link Green The access point has a 10/100 Mbps Fast Ethernet connection. Checking the LEDs...
... Ethernet LAN. Off No link is used to reset the access point or restore the factory default configuration. If you may have made are removed, and the factory default configuration is a fault with the power supply. RESET BUTTON This button is present. Table 1 System LEDs LED Color Indicates Power Green The access point is proportional to the access point. 2-9 Flashing rate is powered up and operating normally. Off No link is connected, the access point LEDs light. Link Green The access point has a 10/100 Mbps Fast Ethernet connection. Checking the LEDs...
User Guide
Page 32
...a DHCP server on to locate 3Com Wireless LAN devices and launch their configurations. To log on the network, the access point uses Auto IP to login into the AP Configuration screen: 1 Load a web browser and enter . 2 The Logon screen appears. Use the 3Com Wireless Infrastructure Device Manager to the Web interface: 1 Username, type admin (case sensitive). 2 Password, type password 3 Click Log On. For a new access point installation, the default WLAN Service Area (ESSID) is connected to the same network as Internet Explorer 5.0 or above). When installing the device manager, make sure...
...a DHCP server on to locate 3Com Wireless LAN devices and launch their configurations. To log on the network, the access point uses Auto IP to login into the AP Configuration screen: 1 Load a web browser and enter . 2 The Logon screen appears. Use the 3Com Wireless Infrastructure Device Manager to the Web interface: 1 Username, type admin (case sensitive). 2 Password, type password 3 Click Log On. For a new access point installation, the default WLAN Service Area (ESSID) is connected to the same network as Internet Explorer 5.0 or above). When installing the device manager, make sure...
User Guide
Page 41
... the network, the access point uses Auto IP to assign an IP address of the access point, or use the default address: http://169.254.2.1. Unless it detects a DHCP server on Advanced Setup. The following page will display. 4-1 Enter the configured IP address of the form 169.254.2.1. After installing and launching the device manager, select the device to be configured. For a new access point installation, the default WLAN Service Area (ESSID) is 3Com and no security is connected to the same network as Internet Explorer...
... the network, the access point uses Auto IP to assign an IP address of the access point, or use the default address: http://169.254.2.1. Unless it detects a DHCP server on Advanced Setup. The following page will display. 4-1 Enter the configured IP address of the form 169.254.2.1. After installing and launching the device manager, select the device to be configured. For a new access point installation, the default WLAN Service Area (ESSID) is 3Com and no security is connected to the same network as Internet Explorer...
User Guide
Page 43
... WDS bridging and Spanning Tree Protocol features Controls logging of error messages; sets the system clock via SNTP server or manual configuration Displays information about the access point and wireless clients Displays configuration settings for the basic system and the wireless interface Shows the wireless clients currently associated with the access point Shows log messages stored in memory Configures the IEEE 802.11a interface Configures common radio signal parameters and other settings for management access; upgrades software from local file, FTP or TFTP server; Advanced Setup Menu...
... WDS bridging and Spanning Tree Protocol features Controls logging of error messages; sets the system clock via SNTP server or manual configuration Displays information about the access point and wireless clients Displays configuration settings for the basic system and the wireless interface Shows the wireless clients currently associated with the access point Shows log messages stored in memory Configures the IEEE 802.11a interface Configures common radio signal parameters and other settings for management access; upgrades software from local file, FTP or TFTP server; Advanced Setup Menu...
User Guide
Page 45
...: You can use the web browser interface to manage the access point. By default, the access point will automatically start up with IP settings from a Dynamic Host Configuration Protocol (DHCP) server. WIDMAN will allow you to launch a web browser on IP addressing to discover or set the initial IP address of access point features depend on the Access Point's web management interface by selecting the Access Point and the configure button. Use 3Com Wireless Infrastructure Device Manager to operate. Figure 20 TCP/IP Settings 4-5 A number of the...
...: You can use the web browser interface to manage the access point. By default, the access point will automatically start up with IP settings from a Dynamic Host Configuration Protocol (DHCP) server. WIDMAN will allow you to launch a web browser on IP addressing to discover or set the initial IP address of access point features depend on the Access Point's web management interface by selecting the Access Point and the configure button. Use 3Com Wireless Infrastructure Device Manager to operate. Figure 20 TCP/IP Settings 4-5 A number of the...
User Guide
Page 46
... from a DHCP (Dynamic Host Configuration Protocol) server. Web Servers - Allows monitoring of Domain Name Servers on the local subnet. The IP address, subnet mask, default gateway, and Domain Name Server (DNS) address are dynamically assigned to manually configure a static address for a secure HTTP connection to identify network hosts by the web browser interface. HTTPS Server: Enables the secure HTTP server on another subnet, type the IP address of the access point. Select this option to specific subnets. Default Gateway: The default gateway is the IP address of...
... from a DHCP (Dynamic Host Configuration Protocol) server. Web Servers - Allows monitoring of Domain Name Servers on the local subnet. The IP address, subnet mask, default gateway, and Domain Name Server (DNS) address are dynamically assigned to manually configure a static address for a secure HTTP connection to identify network hosts by the web browser interface. HTTPS Server: Enables the secure HTTP server on another subnet, type the IP address of the access point. Select this option to specific subnets. Default Gateway: The default gateway is the IP address of...
User Guide
Page 58
... devices for proper operation in a Management Information Base (MIB) that cover message integrity, authentication, and encryption; The access point includes an onboard agent that is compliant with SNMP includes switches, routers and host computers. Management access using SNMP management software that supports SNMP versions 1, 2c, and 3 clients. To communicate with the access point, the management station must first have an IP address and subnet mask, configured either manually or dynamically. A defined set of the information controlled...
... devices for proper operation in a Management Information Base (MIB) that cover message integrity, authentication, and encryption; The access point includes an onboard agent that is compliant with SNMP includes switches, routers and host computers. Management access using SNMP management software that supports SNMP versions 1, 2c, and 3 clients. To communicate with the access point, the management station must first have an IP address and subnet mask, configured either manually or dynamically. A defined set of the information controlled...
User Guide
Page 63
... SSH client software needs to be used to generate host encryption keys. Figure 30 Telnet and SSH Settings 4-23 NOTE: The access point supports only SSH version 2.0. The SSH server is "admin." (Length: 3-16 characters, case sensitive) New Password - The Secure Shell (SSH) can then securely use the local user name and password for management access. (Length: 3-16 characters, case sensitive) Confirm New Password - Figure 29 Administration Administration Username - The default name is disabled while the keys are...
... SSH client software needs to be used to generate host encryption keys. Figure 30 Telnet and SSH Settings 4-23 NOTE: The access point supports only SSH version 2.0. The SSH server is "admin." (Length: 3-16 characters, case sensitive) New Password - The Secure Shell (SSH) can then securely use the local user name and password for management access. (Length: 3-16 characters, case sensitive) Confirm New Password - Figure 29 Administration Administration Username - The default name is disabled while the keys are...
User Guide
Page 64
... configuration automatically restores the access point to run the software it was using before the upgrade started. After upgrading new software, you must reboot the access point to implement the new code. CHAPTER 4: SYSTEM CONFIGURATION Telnet Server: Enables or disables the Telnet server. (Default: Disabled) SSH Server: Enables or disables the SSH server. (Default: Enabled) SSH Port Number: Sets the UDP port for the SSH server. (Range: 1-65535; Default: 22) UPGRADING FIRMWARE You can upgrade new access point software from a local file on the management workstation...
... configuration automatically restores the access point to run the software it was using before the upgrade started. After upgrading new software, you must reboot the access point to implement the new code. CHAPTER 4: SYSTEM CONFIGURATION Telnet Server: Enables or disables the Telnet server. (Default: Disabled) SSH Server: Enables or disables the SSH server. (Default: Enabled) SSH Port Number: Sets the UDP port for the SSH server. (Range: 1-65535; Default: 22) UPGRADING FIRMWARE You can upgrade new access point software from a local file on the management workstation...
User Guide
Page 91
...WPA Pre-Shared Key Authentication: WPA-PSK Local only No only Encryption: Enable WPA Configuration: Required Cipher Configuration: TKIP 802.1x: Disable WPA Pre-shared Key Type: Hexadecimal or Alphanumeric Enter a WPA Pre-shared key Static and dynamic Enter 1 to 4 WEP keys (802.1x) WEP keys Select a WEP transmit key Local, RADIUS, or Yes Disabled Authentication: Open System Encryption: Enable 802.1x: Supported Set 802.1x key refresh and reauthentication rates Dynamic WEP and 802.1x WPA Authentication: WPA Local or Disabled Yes Encryption: Enable WPA Configuration: Supported...
...WPA Pre-Shared Key Authentication: WPA-PSK Local only No only Encryption: Enable WPA Configuration: Required Cipher Configuration: TKIP 802.1x: Disable WPA Pre-shared Key Type: Hexadecimal or Alphanumeric Enter a WPA Pre-shared key Static and dynamic Enter 1 to 4 WEP keys (802.1x) WEP keys Select a WEP transmit key Local, RADIUS, or Yes Disabled Authentication: Open System Encryption: Enable 802.1x: Supported Set 802.1x key refresh and reauthentication rates Dynamic WEP and 802.1x WPA Authentication: WPA Local or Disabled Yes Encryption: Enable WPA Configuration: Supported...
User Guide
Page 94
... bit keys (802.11a radio only). Cipher Modes - This is used as the multicast encryption cipher. Figure 41 WPA Key Management WPA Key Management - Key Type - If this option is selected when using static WEP keys, you must enable data encryption through the web or CLI in the access point. Requires that 802.1x authentication be disabled. AES-CCMP is the standard encryption cipher required for multicast and broadcast traffic, which is used as the multicast encryption cipher. WEP/TKIP: WEP is supported...
... bit keys (802.11a radio only). Cipher Modes - This is used as the multicast encryption cipher. Figure 41 WPA Key Management WPA Key Management - Key Type - If this option is selected when using static WEP keys, you must enable data encryption through the web or CLI in the access point. Requires that 802.1x authentication be disabled. AES-CCMP is the standard encryption cipher required for multicast and broadcast traffic, which is used as the multicast encryption cipher. WEP/TKIP: WEP is supported...
User Guide
Page 96
...between a client, the access point, and a RADIUS server that you can change the encryption key to any of the four settings without having to update the client keys. (Default: Key 1) NOTE: Key index and type must match that configured on wireless clients requires a WPA-enabled network card driver and 802.1X client software that supports the EAP authentication type that prevents users from accidentally joining a rogue network. Windows XP provides native WPA support, other systems require additional software. 4-56 CHAPTER 4: SYSTEM CONFIGURATION • Hexadecimal: Enter keys as its...
...between a client, the access point, and a RADIUS server that you can change the encryption key to any of the four settings without having to update the client keys. (Default: Key 1) NOTE: Key index and type must match that configured on wireless clients requires a WPA-enabled network card driver and 802.1X client software that supports the EAP authentication type that prevents users from accidentally joining a rogue network. Windows XP provides native WPA support, other systems require additional software. 4-56 CHAPTER 4: SYSTEM CONFIGURATION • Hexadecimal: Enter keys as its...
User Guide
Page 115
... the UDP port number used to the access point's Web interface ip https server Enables the secure HTTP server on the access point GC web-redirect Enables web authentication of other system information. Using the Command Line Interface System Management Commands These commands are used for the system Exec show config Displays detailed configuration information for a secure HTTP GC connection to configure the user name, password, system logs, browser management options, clock settings, and a variety of clients using a public access GC Internet service System Status show...
... the UDP port number used to the access point's Web interface ip https server Enables the secure HTTP server on the access point GC web-redirect Enables web authentication of other system information. Using the Command Line Interface System Management Commands These commands are used for the system Exec show config Displays detailed configuration information for a secure HTTP GC connection to configure the user name, password, system logs, browser management options, clock settings, and a variety of clients using a public access GC Internet service System Status show...
User Guide
Page 122
...-65535) Default Setting 443 Command Mode Global Configuration Command Usage • You cannot configure the HTTP and HTTPS servers to use the same port. • To avoid using common reserved TCP port numbers below 1024, the configurable range is restricted to 443 and between 1024 and 65535. • If you change the HTTPS port number, clients attempting to connect to the HTTPS server must specify the port number in the URL, in...
...-65535) Default Setting 443 Command Mode Global Configuration Command Usage • You cannot configure the HTTP and HTTPS servers to use the same port. • To avoid using common reserved TCP port numbers below 1024, the configurable range is restricted to 443 and between 1024 and 65535. • If you change the HTTPS port number, clients attempting to connect to the HTTPS server must specify the port number in the URL, in...
User Guide
Page 130
... :DISABLED AP Management :ENABLED Ethernet Type Filter :DISABLED Enabled Protocol Filters No protocol filters are enabled Hardware Version Information Hardware version R01A Ethernet Interface Information IP Address : 192.254.0.151 Subnet Mask : 255.255.255.0 Default Gateway : 192.254.0.1 Primary DNS : 210.200.211.225 Secondary DNS : 210.200.211.193 Speed-duplex : 100Base-TX Full Duplex Admin status : Up Operational status : Up Wireless Interface 802.11a Information Identification Description : 802.11a Access Point SSID : A 0 Channel : 0 (AUTO...
... :DISABLED AP Management :ENABLED Ethernet Type Filter :DISABLED Enabled Protocol Filters No protocol filters are enabled Hardware Version Information Hardware version R01A Ethernet Interface Information IP Address : 192.254.0.151 Subnet Mask : 255.255.255.0 Default Gateway : 192.254.0.1 Primary DNS : 210.200.211.225 Secondary DNS : 210.200.211.193 Speed-duplex : 100Base-TX Full Duplex Admin status : Up Operational status : Up Wireless Interface 802.11a Information Identification Description : 802.11a Access Point SSID : A 0 Channel : 0 (AUTO...
User Guide
Page 239
.... Default Setting software Command Mode Interface Configuration (Wireless) Command Usage • The Michael Integrity Check (MIC) is part of AES-CCMP requires hardware support on client devices. The performance of the access point can impact throughput and performance. Syntax mic_mode • hardware - The main enhancement is its use of AES Counter-Mode encryption with WPA, including the same 802.1X and PSK modes of operation and support for the specific deployment. • Using...
.... Default Setting software Command Mode Interface Configuration (Wireless) Command Usage • The Michael Integrity Check (MIC) is part of AES-CCMP requires hardware support on client devices. The performance of the access point can impact throughput and performance. Syntax mic_mode • hardware - The main enhancement is its use of AES Counter-Mode encryption with WPA, including the same 802.1X and PSK modes of operation and support for the specific deployment. • Using...
User Guide
Page 259
...configuration, initial setup 3-1 connecting power 2-2, 2-6 country code configuring 5-14 CTS 4-41, 5-116 D device status, displaying 4-59, 5-26 DHCP 3-9, 4-5, 4-6, 4-7, 5-99, 5-100 DNS 4-6, 5-98 Domain Name Server See DNS downloading software 4-24, 5-61 DTIM 4-41, 5-114 Dynamic Host Configuration Protocol See DHCP E EAP 4-56 encryption 4-49, 4-52, 4-56 Ethernet cable 2-1 event logs 4-61, 5-36 Extensible Authentication Protocol See EAP F factory defaults restoring 5-11 filter 4-14, 5-76 address 4-9, 5-76 between wireless clients 5-80 local bridge 5-80 local or remote 4-9, 5-78 management access...
...configuration, initial setup 3-1 connecting power 2-2, 2-6 country code configuring 5-14 CTS 4-41, 5-116 D device status, displaying 4-59, 5-26 DHCP 3-9, 4-5, 4-6, 4-7, 5-99, 5-100 DNS 4-6, 5-98 Domain Name Server See DNS downloading software 4-24, 5-61 DTIM 4-41, 5-114 Dynamic Host Configuration Protocol See DHCP E EAP 4-56 encryption 4-49, 4-52, 4-56 Ethernet cable 2-1 event logs 4-61, 5-36 Extensible Authentication Protocol See EAP F factory defaults restoring 5-11 filter 4-14, 5-76 address 4-9, 5-76 between wireless clients 5-80 local bridge 5-80 local or remote 4-9, 5-78 management access...
User Guide
Page 260
...35 configuring interface 4-42, 5-104 maximum data rate 5-107 radio channel 4-44, 5-108 IEEE 802.1x 4-56, 5-70, 5-76 configuring 4-10, 5-70 IEEE 802.3af power-over-Ethernet 2-6 initial setup 3-1 installation 2-1 access point 2-1 antenna 2-5 cable 2-1 flat surface 2-12 location 2-3 power 2-2 requirements 2-1 software utilities 2-14 wall mount 2-12 IP address BOOTP/DHCP 5-99, 5-100 configuring 3-9, 4-5, 5-99, 5-100 troubleshooting 6-2 L LEDs 2-9 location for installation 2-3 log messages 4-34, 4-61, 5-33 server 4-33, 5-33 login CLI 5-1 web 3-5 logon authentication RADIUS client 4-13, 5-64 M MAC...
...35 configuring interface 4-42, 5-104 maximum data rate 5-107 radio channel 4-44, 5-108 IEEE 802.1x 4-56, 5-70, 5-76 configuring 4-10, 5-70 IEEE 802.3af power-over-Ethernet 2-6 initial setup 3-1 installation 2-1 access point 2-1 antenna 2-5 cable 2-1 flat surface 2-12 location 2-3 power 2-2 requirements 2-1 software utilities 2-14 wall mount 2-12 IP address BOOTP/DHCP 5-99, 5-100 configuring 3-9, 4-5, 5-99, 5-100 troubleshooting 6-2 L LEDs 2-9 location for installation 2-3 log messages 4-34, 4-61, 5-33 server 4-33, 5-33 login CLI 5-1 web 3-5 logon authentication RADIUS client 4-13, 5-64 M MAC...