Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302

Basic Installation and Configuration

3-19

202-10078-01

Note

: You must configure Radius Server Settings (see

Figure 3-13

on

page 3-27

) with either

Legacy 802.1x

or

WPA with Radius

option.

•

Data Encryption

: Select the desired option. If enabled (64 bit, 128 bit or 152 bits) the keys

must be entered, and other wireless stations must use the same keys. The default is None.

–

The 64- and 128-bit option are the standard encryption strength options.

–

The 152-bit key length is a proprietary mode that will only work with other wireless

devices that support this mode.

–

The TKIP option is automatically enabled when either

WPA with Radius

or

WPA-PSK

authentication type is selected.

•

Passphrase

: To use the

passphrase

to generate the keys, enter a passphrase and click the

Generate Keys

button. You can also enter the keys directly. These keys must match the other

wireless stations. Only 8 to 63 characters can be entered if

Legacy 802.1x

or

WPA with

Radius

authentication option is selected.

•

Key 1, Key 2, Key 3, Key 4

: Select the key to be used as the default key. Data transmissions

are always encrypted using the default key. The other keys can only be used to decrypt

received data. The four entries will be disabled if

Legacy 802.1x

or

WPA with Radius

authentication option is selected.

•

Re-authentication Time

: The time interval in seconds after which the supplicant will be

authenticated again with the Radius Server. The default is 3600 seconds.

•

Global-key Update

: Check on this option to enable Re-keying of Global Key. The Global

Key Re-Key can be done based on time interval in seconds or number of packets exchanged

using the global key. The default is 3600 seconds.

•

Update if any station disassociates

: Check on this option to refresh global key when any

stations disassociated with wireless Access Point.

•

Wireless Client Security Separator

: The associated wireless clients will not be able to

communicate with each other if this feature is enabled. The default setting is Disable.

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302

3-20

Basic Installation and Configuration

202-10078-01

Before You Change the SSID and WEP Settings

802.11a Configuration

For a new wireless network, print or copy this form and fill in the configuration parameters. For an

existing wireless network, the person who set up or is responsible for the network will be able to

provide this information. Be sure to set the Regulatory Domain correctly as the first step.

•

SSID

:

The Service Set Identification (SSID) identifies the wireless local area network.

NETGEAR_11a

is the default WAG302 SSID. However, you may customize it by using up to

32 alphanumeric characters. Write your customized SSID on the line below.

___________________________________

Note:

The SSID in the wireless access point is the SSID you configure in the wireless adapter

card. All wireless nodes in the same network must be configured with the same SSID:

•

Authentication

Circle one: Open System or Shared Key. Choose Shared Key for more security.

Note:

If you select shared key, the other devices in the network will not connect unless they

are set to Shared Key as well and have the same keys in the same positions as those in the

WAG302.

•

WEP Encryption Keys

For all four 802.11a keys, choose the Key Size. Circle one: 64, 128, or 152 bits.

Key 1: ___________________________________

Key 2: ___________________________________

Key 3: ___________________________________

Key 4: ___________________________________

•

WPA-PSK (Pre-Shared Key)

Record the WPA-PSK key:

Key: ___________________________________

•

WPA RADIUS Settings

For WPA, record the following settings for the primary and secondary RADIUS servers:

Server Name/IP Address: Primary _________________

Secondary __________________

Port: ___________________________________

Shared Secret: ___________________________________

Use the procedures described in the following sections to configure the WAG302. Store this

information in a safe place.

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302

Basic Installation and Configuration

3-21

202-10078-01

802.11b/g Configuration

For a new wireless network, print or copy this form and fill in the configuration parameters. For an

existing wireless network, the person who set up or is responsible for the network will be able to

provide this information. Be sure to set the Regulatory Domain correctly as the first step.

•

SSID

:

The Service Set Identification (SSID) identifies the wireless local area network.

NETGEAR_11g

is the default WAG302 SSID. However, you may customize it by using up to

32 alphanumeric characters. Write your customized SSID on the line below.

___________________________________

Note:

The SSID in the wireless access point is the SSID you configure in the wireless adapter

card. All wireless nodes in the same network must be configured with the same SSID:

•

Authentication

Circle one: Open System or Shared Key. Choose Shared Key for more security.

Note:

If you select shared key, the other devices in the network will not connect unless they

are set to Shared Key as well and have the same keys in the same positions as those in the

WAG302.

•

WEP Encryption Keys

For all four 802.11b/g keys, choose the Key Size. Circle one: 64, 128, or 152 bits.

Key 1: ___________________________________

Key 2: ___________________________________

Key 3: ___________________________________

Key 4: ___________________________________

•

WPA-PSK (Pre-Shared Key)

Record the WPA-PSK key:

Key: ___________________________________

•

WPA RADIUS Settings

For WPA, record the following settings for the primary and secondary RADIUS servers:

Server Name/IP Address: Primary _________________

Secondary __________________

Port: ___________________________________

Shared Secret: ___________________________________

Use the procedures described in the following sections to configure the WAG302. Store this

information in a safe place.

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302

3-22

Basic Installation and Configuration

202-10078-01

How to Set Up and Test Basic Wireless Connectivity

Follow the instructions below to set up and test basic wireless connectivity. Once you have

established basic wireless connectivity, you can enable security settings appropriate to your needs.

1.

Log in to the WAG302 using its default address of

or at whatever IP

address the unit is currently configured. Use the default user name of

admin

and default

password of

password

, or whatever password you set up.

2.

Click the Wireless Settings link in the main menu of the WAG302.

3.

Choose a suitable descriptive name for the wireless network name (SSID). In the SSID box,

enter a value of up to 32 alphanumeric characters. The default SSID is NETGEAR_11a or

NSTGEAR-11g.

Note:

The SSID of any wireless access adapters must match the SSID you configure in the

WAG302 ProSafe Dual Band Wireless Access Point. If they do not match, you will not get a

wireless connection to the WAG302.

4.

Select the Country/Region in which the wireless interface will operate.

5.

Set the Channel. It should not be necessary to change the wireless channel unless you notice

interference problems or are near another wireless access point. Select a channel that is not

being used by any other wireless networks within several hundred feet of your wireless access

point. For more information on the wireless channel frequencies see

“Wireless Channels” on

page B-7

.

6.

For initial configuration and testing, leave the Wireless Card Access List set to “Everyone”

and the Encryption Strength set to “Disabled.”

7.

Click Apply to save your changes.

8.

Configure and test your PCs for wireless connectivity.

Program the wireless adapter of your PCs to have the same SSID and channel that you

configured in the WAG302. Check that they have a wireless link and are able to obtain an IP

address by DHCP from the WAG302.

Once your PCs have basic wireless connectivity to the WAG302, you can configure the advanced

wireless security functions.

Note:

If you are configuring the WAG302 from a wireless computer and you change the

SSID, channel, or security settings, you will lose your wireless connection when you

click Apply. You must then change the wireless settings of your computer to match the

new settings.

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302

Basic Installation and Configuration

3-23

202-10078-01

How to Restrict Wireless Access by MAC Address

To restrict access based on MAC addresses, follow these steps:

1.

Log in to the WAG302 using its default address of

or at whatever IP

address the unit is currently configured. Use the default user name of

admin

and default

password of

password

, or whatever LAN address and password you have set up.

2.

From the Security menu, click the Access Control 11a and 11bg links to display the Access

Control menus shown below.

Figure 3-11: Access Control menus for 11a and 11bg

Note:

When configuring the WAG302 from a wireless computer whose MAC address is

not in the access control list, if you select Turn Access Control On, you will lose your

wireless connection when you click Apply. You must then access the wireless access

point from a wired computer or from a wireless computer which is on the access control

list to make any further changes.

Access Control 11a menu

Access Control 11b/g menu