Chapter 6
Advanced Configuration
Wireless-G Business Ethernet Bridge
WPA2-Personal
Use the WPA2 Personal screen to configure WPA2 Personal encryption for the Bridge.
Wireless > Wireless Security - WPA2 Personal
Encryption
This is set to AES and cannot be changed as WPA2 always uses AES encryption.
Shared Secret
Enter a WPA Shared Secret of 8-63 characters.
Key Renewal Timeout
Enter a Key Renewal Timeout period, which instructs the Access Point how often to change the encryption keys. The default is 3600 seconds.
Click Apply to apply your changes, or click Cancel to cancel your changes.
WPA-Enterprise
Use the WPA Enterprise screen to configure WPA Enterprise encryption for the Bridge.
Wireless > Wireless Security - WPA Enterprise
WPA Enterprise provides WPA security in coordination with a RADIUS server connected to the Bridge. WPA Enterprise offers two authentication methods, EAP-TLS and PEAP, as well as two encryption methods, TKIP and AES, with dynamic encryption keys.
Authentication
Select the authentication method your network is using, either EAP-TLS (default) or PEAP.
EAP-TLS
EAP-TLS uses a Certificate file for authentication. The Login Name and Private Key Password are used to decrypt the certificate file.
Encryption
Select either TKIP (default) or AES encryption.
Login Name
Enter your login name for the RADIUS server.
Private Key Password
Enter your password.
Certificate
Enter the name of your certificate file or click Browse to locate it. Click Import to load and decode the certificate file. Click Apply to save the configuration for wireless authentication while being associated with an Access Point.
PEAP
EAP-PEAP uses the Login Name and Password to perform authentication with the RADIUS server.
Encryption
Select either TKIP (default) or AES encryption.
Login Name
Enter your login name for the RADIUS server.
Private Key Password
Enter your password.
When you are finished configuring the above settings, click Apply to apply your changes, or click Cancel to cancel your changes.
WPA2-Enterprise
Use the WPA2 Enterprise screen to configure WPA2 Enterprise encryption for the Bridge.
Wireless > Wireless Security - WPA2 Enterprise
WPA2 Enterprise provides WPA security in coordination with a RADIUS server connected to the Bridge. WPA2 Enterprise offers two authentication methods, EAP-TLS and PEAP, but only one encryption method, AES.
Authentication
Select the authentication method your network is using, either EAP-TLS (default) or PEAP.
EAP-TLS
EAP-TLS uses a Certificate file for authentication. The Login Name and Private Key Password are used to decrypt the certificate file.
Encryption
This is set to AES and cannot be changed.
Login Name
Enter your login name for the RADIUS server.
Private Key Password
Enter your password.
Certificate
Enter the name of your certificate file or click Browse to locate it. Click Import to load and decode the certificate file. Click Apply to save the configuration for wireless authentication while being associated with an Access Point.
PEAP
EAP-PEAP uses the Login Name and Password to perform authentication with the RADIUS server.
Encryption
This is set to AES and cannot be changed.
Login Name
Enter your login name for the RADIUS server.
Private Key Password
Enter your password.
When you are finished configuring the above settings, click Apply to apply your changes, or click Cancel to cancel your changes.
Wireless > Advanced Settings
This screen lets you configure advanced wireless settings. Linksys recommends letting the Bridge automatically adjust the parameters for maximum data throughput.
Wireless > Wireless Security - Advanced Settings
Transmission Rate
The default setting is Auto. The range is from 1 to 54 Mbps. The rate should be set depending on the speed of your wireless network. You can select from a range of speeds, or keep the default setting, Auto, to have the Bridge automatically use the fastest possible data rate and enable the Auto-Fallback feature. Auto-Fallback negotiates the best possible connection speed between the Bridge and another wireless-equipped device.
RTS Threshold
This determines how large a packet can be before the Bridge coordinates transmission and reception to ensure efficient communication. It should remain at its default setting of 2347. If you encounter inconsistent data flow, only minor modifications are recommended.
Fragmentation Threshold
The maximum size of a data packet before it is split to create a new packet. It should remain at its default setting of 2346. A smaller setting means smaller packets, resulting in more packets per transmission. If you experience high packet error rates, you can decrease this value, but it will likely decrease overall network performance. Only minor modifications of this value are recommended.
Cloning Mode
You can clone the MAC address of any network device onto the Bridge. To disable MAC address cloning, keep the default setting, Disable. To use the MAC cloning feature, select Enable.
If you have enabled MAC cloning, then select Auto if you want to clone the MAC address of the device currently connected to one of the LAN ports. The Bridge will actively scan for a new MAC address to be cloned whenever you disconnect and reconnect the Bridge through a LAN port. Select Manual if you want to specify a MAC address in the Enter MAC Address field. This is useful when the Bridge is connected to multiple devices through a switch or a hub.
Click Apply to apply your changes, or click Cancel to cancel your changes.
Switch
The Switch tab contains seven screens that allow you to configure the advanced Ethernet switch features. The managed switch has five 10/100 Ethernet ports which allow advanced VLAN and QoS settings.
Switch > Port Management
The Port Management screen allows you to configure and set the status of each of the Bridge’s ports—the five Ethernet ports and the wireless “virtual” interface.
Switch > Port Management
You can configure the Administrative Status and Flow Control of the five Ethernet ports. The link speed and duplex settings are done automatically through auto-negotiation. Flow control should be enabled to control network traffic during periods of congestion and prevent the loss of packets when port buffer thresholds are exceeded. The flow control feature is based on IEEE 802.3x which uses control frames to throttle the outgoing packets from a switch port to another IEEE 802.3x-compatible device. This feature is not available on the wireless interface.
Administrative Status
To configure the administrative status of the port, select either Up (default) or Down. A port can be shut down even if it is physically connected.
Flow Control
To configure flow control for the port, select either Enabled or Disabled (default).
NOTE: Flow Control should be disabled when QoS mode (802.1p, TOS, or DSCP) is configured. QoS mode allows priority differentiation during congestion instead of throttling off the traffic.
Link
Displays the port’s link status (UP or DOWN), which is a combination of the Administrative Status and the physical link connection.
Duplex
Displays the port’s duplex mode through auto-negotiation if the link is UP.
Speed
Displays the port’s speed in Mbps through auto-negotiation if the link is UP.
Click Apply to apply your changes, or click Cancel to cancel your changes.
Switch > Port Mirroring
Use this screen to configure Port Mirroring, which lets you mirror traffic to/from any port (including wireless) to Port 1 for real-time analysis. This can be helpful for troubleshooting purposes.
Switch > Port Mirroring
If this feature is enabled, Port 1 will only be able to communicate with the source port and monitor the source port’s traffic. Port 1 will not be able to communicate with any other port while port mirroring is in effect.
Port Mirroring Setting
Type
To use port mirroring, select the direction in which to monitor traffic: Monitor Egress, Monitor Ingress, or Monitor Both. To disable port mirroring, keep the default setting, Disabled.
Source Port
If you have enabled port mirroring, select the port whose packets will be duplicated to Port 1: Port 2 (default), Port 3, Port 4, Port 5, or Wireless.
Click Apply to apply your changes, or click Cancel to cancel your changes.
Switch > VLAN
The VLAN screen allows you to enable VLANs and select the type of VLANs to be used on the switch.
Switch > VLAN
A VLAN is a group of ports that can be located anywhere in a network, but communicate as if they are on the same physical segment. VLANs help to simplify network management by letting you move a device to a new VLAN without changing any physical connections. VLANs can be easily organized to reflect departmental groups (such as Marketing or R&D), usage groups (such as e-mail), or multicast groups (used for multimedia applications such as videoconferencing).
Global VLAN Setting
To disable the VLAN feature, keep the default setting, Disabled. Otherwise select the type of VLAN to be used on the switch, either Port Based or 802.1Q, then click Apply Global Setting.
Port Based
The switch uses port-based VLAN mapping to limit traffic between the ports.
802.1Q
The switch uses 802.1Q-based VLAN to configure VLAN membership for all ports.
802.1Q
In 802.1Q-based VLAN mode, tags are inserted into the data packets to distinguish between different VLANs.
Switch > VLAN - 802.1Q
A VLAN can include any of the five physical Ethernet ports (ports 1-5) as well as port 6, which controls the wireless interface and CPU access (management traffic and web-based utility access).
NOTE: The default 802.1Q settings define one VLAN whose VLAN ID (VID) is 1 and which includes ports 1-6. This is to allow access to the web-based utility from any of the ports. In addition, port 1 and port 6 (Wireless & CPU port) are permanently defined as part of VLAN 1; these settings cannot be changed. This ensures that you can always access the web-based utility through at least port 1, regardless of your particular 802.1Q VLAN settings.
You can create up to 16 VLANs on the Switch. The valid VLAN ID range is 1-4095. A VLAN with ID 1 has been pre-configured by default and cannot be deleted.
802.1Q VLAN Port Setting
Each row of the table corresponds to one port. For each port, configure the 802.1Q VLAN settings, then click Apply 802.1Q VLAN settings.
Default VID
The default VLAN ID (VID) for this port. Port 1 and port 6 are set to 1 permanently. All other ports are set to 1 by default but may be changed.
Acceptable Frame Type
Select the type of frame to accept, either All Frames (default) or Tagged Only.
Ingress Filtering
Select this option to enable ingress filtering. Ingress filtering allows only packets with VLAN IDs that are configured in the port’s membership table. This option is not selected by default.
The following summarizes 802.1Q VLAN operation when a packet is received on a port:
1. If the packet has an 802.1Q tag, then go to step 3. If it does not have an 802.1Q tag, then continue to step 2.
2. If the Acceptable Frame Type field is set to Tagged Only, then the packet is dropped. Otherwise, an 802.1Q tag with the default VLAN ID is inserted.
3. If Ingress Filtering is disabled, then the frame is accepted.
4. If Ingress Filtering is enabled, then the membership table is checked to see if it contains the tag ID. If the ID is not found, the packet is dropped; otherwise the packet is accepted.
VLAN Membership Configuration
This is located on the bottom half of the page. You use these fields to create the VLAN membership table.
ID #
Enter the ID number of the VLAN to be created or modified. The valid range is 2 to 4095. Note that VLAN #1 is created by default and cannot be removed. By default all ports are part of VLAN #1 with membership status set to UnTag.
Port 1-6
For each VLAN ID to be created or modified, you can select the membership status for its ports from these drop-down menus. The default is Drop.
Drop
This port will not be part of the VLAN.
UnTag
This port will be part of the VLAN and frames will exit this port without an 802.1Q tag.
Tag
This port will be part of the VLAN and frames will exit this port with an 802.1Q tag.
Add/Modify Entry
After you have entered the VLAN ID # and selected the membership status for its ports, click Add/Modify Entry to add or modify the entry in the VLAN membership table.
Delete VLAN Entry
Select the VLAN(s) to be deleted and click Delete VLAN Entry to remove those entries.
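The four receive steps and the Drop/UnTag/Tag membership states above, modeled as an added example (not code from the manual or from the Bridge's firmware). It compares the default port settings with ingress filtering enabled. The port numbers, VLAN 20 and the reading of "membership table" as "the port is a non-Drop member of that VLAN" are assumptions made for illustration.

```python
from dataclasses import dataclass

DROP, UNTAG, TAG = "Drop", "UnTag", "Tag"   # membership states from the manual

@dataclass
class PortConfig:
    default_vid: int = 1             # Default VID
    tagged_only: bool = False        # Acceptable Frame Type: All Frames (default)
    ingress_filtering: bool = False  # Ingress Filtering: not selected by default

def ingress(port, frame_vid, ports, membership):
    """Return (accepted, vid) for a frame received on `port`.

    frame_vid is None for an untagged frame. membership maps
    VID -> {port: DROP | UNTAG | TAG}; a port that is not listed counts as Drop.
    """
    cfg = ports[port]
    if frame_vid is None:                 # steps 1 and 2: untagged frame
        if cfg.tagged_only:
            return (False, None)
        frame_vid = cfg.default_vid       # tag inserted with the Default VID
    if not cfg.ingress_filtering:         # step 3: no membership check at all
        return (True, frame_vid)
    status = membership.get(frame_vid, {}).get(port, DROP)   # step 4
    return (True, frame_vid) if status != DROP else (False, None)

def egress_tagged(port, vid, membership):
    """None if `port` is not in VLAN `vid`; otherwise True when frames leave tagged."""
    status = membership.get(vid, {}).get(port, DROP)
    return None if status == DROP else status == TAG

# Constructed sample: VLAN 1 as shipped (ports 1-6, UnTag) plus VLAN 20 on ports 3 and 5.
MEMBERSHIP = {1: {p: UNTAG for p in range(1, 7)}, 20: {3: UNTAG, 5: TAG}}
DEFAULTS = {p: PortConfig() for p in range(1, 7)}
HARDENED = {**DEFAULTS, 2: PortConfig(ingress_filtering=True),
            3: PortConfig(default_vid=20, ingress_filtering=True)}

if __name__ == "__main__":
    for name, ports in (("defaults", DEFAULTS), ("hardened", HARDENED)):
        # A frame tagged for VLAN 20 arrives on port 2, which is not a member of VLAN 20.
        print(name, "port 2, tag 20 ->", ingress(2, 20, ports, MEMBERSHIP))
    print("port 3, untagged ->", ingress(3, None, HARDENED, MEMBERSHIP))
```

With the default settings the tagged frame on port 2 is accepted at step 3 without any membership check; selecting Ingress Filtering on that port makes step 4 drop it.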
Port-Based
In port-based VLAN mode, the wireless bridge uses a port-based VLAN map to limit the traffic between the ports. A VLAN can include any of the five physical Ethernet ports (ports 1-5) as well as port 6, which controls the wireless interface and CPU access (management traffic and web-based utility access).
NOTE: The default port-based VLAN settings consist of connections between port 6 and each of the five Ethernet ports. This is to allow access to the web-based utility from any of the Ethernet ports. In addition, the connection between ports 1 and 6 is permanent and cannot be changed. This ensures that you can always access the web-based utility through at least port 1, regardless of your particular port-based VLAN settings.
Switch > VLAN - Port-Based
Output Vector
Use these fields to configure your VLANs as follows:
1. Each row of the table corresponds to one of the ports. For each port, specify its connections by selecting all of its exit ports. For example, to specify a VLAN connection from port 1 to port 2, select 2 in the row labeled Port 1.
2. Each exit port you select specifies a unidirectional connection only. (In the example in step 1, the direction is from port 1 to port 2.) To automatically add the connection in the opposite direction (from port 2 to port 1 in the example), click Configure Bi-directional.
3. When you are finished defining the connections for the VLAN(s), click Apply Port VLAN Settings to save and activate your VLAN configuration.
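An added example (not from the manual or the Bridge's firmware) that audits an Output Vector table before it is applied: it lists connections defined in one direction only and the Ethernet ports that keep a two-way connection to port 6, the wireless and management port. The sample tables are constructed, and treating management access as requiring both directions is an assumption.

```python
MGMT_PORT = 6                  # port 6: wireless interface and CPU (web-based utility)
PERMANENT = {(1, 6), (6, 1)}   # the connection between ports 1 and 6 cannot be changed

def connections(output_vector):
    """Flatten {port: set of exit ports} into directed (source, exit) pairs."""
    pairs = {(s, d) for s, exits in output_vector.items() for d in exits if d != s}
    return pairs | PERMANENT

def one_way(output_vector):
    """Connections that exist in one direction only."""
    pairs = connections(output_vector)
    return sorted(p for p in pairs if (p[1], p[0]) not in pairs)

def make_bidirectional(output_vector):
    """Model of Configure Bi-directional as described: add every reverse connection."""
    pairs = connections(output_vector)
    pairs |= {(d, s) for s, d in pairs}
    result = {port: set() for port in range(1, 7)}
    for s, d in pairs:
        result[s].add(d)
    return result

def management_exposure(output_vector):
    """Ethernet ports (1-5) connected to port 6 in both directions."""
    pairs = connections(output_vector)
    return [p for p in range(1, 6)
            if (p, MGMT_PORT) in pairs and (MGMT_PORT, p) in pairs]

# Constructed samples: the shipped default, and a map that cuts ports 4 and 5 off from port 6.
DEFAULT_VECTOR = {1: {6}, 2: {6}, 3: {6}, 4: {6}, 5: {6}, 6: {1, 2, 3, 4, 5}}
ISOLATED = {1: {6}, 2: {3, 6}, 3: {6}, 4: {5}, 5: set(), 6: {1, 2, 3}}

if __name__ == "__main__":
    for name, vector in (("default", DEFAULT_VECTOR), ("isolated", ISOLATED)):
        print(name, "one-way:", one_way(vector),
              "ports with management access:", management_exposure(vector))
```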
Switch > MAC Based ACL
Switch > MAC Based ACL
An Access List (ACL) is a list of source MAC addresses that is used to grant or deny access. If a packet passes from the wireless port to a LAN port or vice versa, the Bridge will check if the packet’s source MAC address matches any entry in the access list, then use the match result to pass or drop the packet. However, packets from LAN port to LAN port are not checked. You can select from two types of Access Lists. A Block list blocks specific MAC addresses specified in the table; all other MAC addresses are accepted. An Accept list only accepts the MAC addresses listed in the table; all other MAC addresses are blocked.
Access List Type
To disable the Access List feature, keep the default setting, Disabled. To enable Access Lists, select Accept or Block, then click Apply Global Setting.
If you choose to use an Accept list, you must remember to include your computer’s MAC address in the list before you click Apply. Failure to do so may result in your computer being denied access to the device.
New Block Entry
To block packets with a specific MAC address, enter the MAC address in this field, and click Add Block Entry. To unblock the MAC address, enter the MAC address in the field, click Delete Block Entry, then click Apply Global Setting.
Block List
Displays a list of blocked MAC addresses and number of packets dropped for each address.
New Accept Entry
To accept packets with a specific MAC address, enter the MAC address in this field, and click Add Access Entry. To unaccept the MAC address, enter the MAC address in the field, click Delete Access Entry, then click Apply Global Setting.
Accept List
Displays a list of accepted MAC addresses and number of packets accepted for each address.
Drop Count, Accept Count
When Access List is enabled, these display the total number of packets dropped and accepted. Click Refresh to display the latest information.
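An added example (not from the manual or the Bridge's firmware) of the Access List behavior described in this section: the source-MAC check applies only to packets crossing between the wireless port and a LAN port, and a pre-Apply check flags a list that would filter the administrator's own computer. The port names and MAC addresses are constructed, and the Block-list case of the lockout check extends the manual's Accept-list warning.

```python
WIRELESS = "wireless"   # the Bridge's wireless port; any other name is a LAN port

def normalize(mac):
    """Canonical form for comparison: lower-case hex digits without separators."""
    digits = mac.replace(":", "").replace("-", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

class MacAcl:
    def __init__(self, list_type="Disabled", entries=()):
        if list_type not in ("Disabled", "Accept", "Block"):
            raise ValueError(list_type)
        self.list_type = list_type
        self.entries = {normalize(m) for m in entries}
        self.accept_count = self.drop_count = 0   # Accept Count / Drop Count

    def permits(self, src_mac, in_port, out_port):
        """Decide one packet; only wireless <-> LAN crossings are checked."""
        crosses = (in_port == WIRELESS) != (out_port == WIRELESS)
        if self.list_type == "Disabled" or not crosses:
            return True                 # LAN port to LAN port is never checked
        listed = normalize(src_mac) in self.entries
        ok = listed if self.list_type == "Accept" else not listed
        if ok:
            self.accept_count += 1
        else:
            self.drop_count += 1
        return ok

    def lockout_risk(self, admin_mac):
        """True if applying this list would filter the administrator's own computer."""
        listed = normalize(admin_mac) in self.entries
        return (self.list_type == "Accept" and not listed) or \
               (self.list_type == "Block" and listed)

# Constructed sample addresses (not taken from any real device).
ADMIN_PC = "00:11:22:33:44:55"
OTHER_PC = "00-11-22-33-44-66"

if __name__ == "__main__":
    acl = MacAcl("Accept", [OTHER_PC])
    print("lockout risk before Apply:", acl.lockout_risk(ADMIN_PC))
    print("admin LAN -> wireless:", acl.permits(ADMIN_PC, "lan2", WIRELESS))
    print("admin LAN -> LAN:", acl.permits(ADMIN_PC, "lan2", "lan3"))
```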