Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG102

Basic Installation and Configuration

3-19

v1.0, September 2005

—

WPA with Radius.

If selected, you must configure the Radius Server Settings (see

Figure 3-13 on page 3-27

).

—

WPA2-PSK.

WPA2 is a later version of WPA. Only select this if all clients support

WPA2. If selected, you must use AES encryption and enter the WPA passphrase (network

key).

—

WPA2 with Radius.

WPA2 is a later version of WPA. Only select this option if all clients

support WPA2. If selected, you must use AES encryption and configure the Radius Server

Settings (see

Figure 3-13 on page 3-27

).

—

WPA and WPA2 with Radius.

This selection allows clients to use either WPA (with

TKIP encryption) or WPA2 (with AES encryption). If selected, you must use TKIP + AES

encryption and configure the Radius Server Settings (see

Figure 3-13 on page 3-27

).

•

Data Encryption

: Select the desired option. If enabled (64 bit, 128 bit or 152 bits) the keys

must be entered, and other wireless stations must use the same keys. The default is None.

–

The 64- and 128-bit WEP (Wired Equivalent Privacy) options are the standard encryption

strength options.

–

The 152-bit key length is a proprietary WEP mode that will only work with other wireless

devices that support this mode.

–

The TKIP option is automatically enabled when either

WPA with Radius

or

WPA-PSK

authentication type is selected.

–

The AES option is automatically enabled when

WPA2-PSK

or

WPA2 with Radius

authentication type is selected. Some clients may support AES encryption with WPA, but

such an option is not supported by the WAG102 Access Point.

–

TKIP + AES. This option is automatically selected when

WPA and WPA2 with Radius

authentication type is selected. Broadcast packets always use TKIP. For unicast (point-to-

point) transmissions, WPA clients use TKIP and WPA2 clients use AES.

•

Passphrase

: To use the

passphrase

to generate the keys, enter a passphrase and click the

Generate Keys

button. You can also enter the keys directly. These keys must match the other

wireless stations. The key length must be 8 to 63 characters.

•

Key 1, Key 2, Key 3, Key 4

: Select the key to be used as the default key. Data transmissions

are always encrypted using the default key. The other keys can only be used to decrypt

received data. The four entries will be disabled if

Legacy 802.1x

or a

WPA/WPA2

authentication option is selected.

•

Re-authentication Time

: The time interval in seconds after which the supplicant will be

authenticated again with the Radius Server. The default is 3600 seconds.

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG102

3-20

Basic Installation and Configuration

v1.0, September 2005

•

Global-key Update

: Check on this option to enable Re-keying of Global Key. The Global

Key Re-Key can be done based on time interval in seconds or number of packets exchanged

using the global key. The default is 3600 seconds.

•

Update if any station disassociates

: Check on this option to refresh global key when any

stations disassociate with the wireless Access Point.

•

Wireless Client Security Separator

: The associated wireless clients will not be able to

communicate with each other if this feature is enabled. The feature is intended for hotspots and

other public-access situations to protect the privacy of each user. The default setting is

Disable.

Before You Change the SSID and WEP Settings

802.11a Configuration

For a new wireless network, print or copy this form and fill in the configuration parameters. For an

existing wireless network, the person who set up or is responsible for the network will be able to

provide this information. Be sure to set the Regulatory Domain correctly as the first step.

•

SSID

:

The Service Set Identification (SSID) identifies the wireless local area network.

NETGEAR_11a

is the default WAG102 SSID. However, you may customize it by using up to

32 alphanumeric characters. Write your customized SSID on the line below.

___________________________________

Note:

The SSID in the wireless access point is the SSID you configure in the wireless adapter

card. All wireless nodes in the same network must be configured with the same SSID:

•

Authentication

Circle one: Open System or Shared Key. Choose Shared Key for more security.

Note:

If you select shared key, the other devices in the network will not connect unless they

are set to Shared Key as well and have the same keys in the same positions as those in the

WAG102.

•

WEP Encryption Keys

For all four 802.11a keys, choose the Key Size. Circle one: 64, 128, or 152 bits.

Key 1: ___________________________________

Key 2: ___________________________________

Key 3: ___________________________________

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG102

Basic Installation and Configuration

3-21

v1.0, September 2005

Key 4: ___________________________________

•

WPA-PSK (Pre-Shared Key)

Record the WPA-PSK key:

Key: ___________________________________

•

WPA RADIUS Settings

For WPA, record the following settings for the primary and secondary RADIUS servers:

Server Name/IP Address: Primary _________________

Secondary __________________

Port: ___________________________________

Shared Secret: ___________________________________

Use the procedures described in the following sections to configure the WAG102. Store this

information in a safe place.

802.11b/g Configuration

For a new wireless network, print or copy this form and fill in the configuration parameters. For an

existing wireless network, the person who set up or is responsible for the network will be able to

provide this information. Be sure to set the Regulatory Domain correctly as the first step.

•

SSID

:

The Service Set Identification (SSID) identifies the wireless local area network.

NETGEAR_11g

is the default WAG102 SSID. However, you may customize it by using up to

32 alphanumeric characters. Write your customized SSID on the line below.

___________________________________

Note:

The SSID in the wireless access point is the SSID you configure in the wireless adapter

card. All wireless nodes in the same network must be configured with the same SSID:

•

Authentication

Circle one: Open System or Shared Key. Choose Shared Key for more security.

Note:

If you select shared key, the other devices in the network will not connect unless they

are set to Shared Key as well and have the same keys in the same positions as those in the

WAG102.

•

WEP Encryption Keys

For all four 802.11b/g keys, choose the Key Size. Circle one: 64, 128, or 152 bits.

Key 1: ___________________________________

Key 2: ___________________________________

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG102

3-22

Basic Installation and Configuration

v1.0, September 2005

Key 3: ___________________________________

Key 4: ___________________________________

•

WPA-PSK (Pre-Shared Key)

Record the WPA-PSK key:

Key: ___________________________________

•

WPA RADIUS Settings

For WPA, record the following settings for the primary and secondary RADIUS servers:

Server Name/IP Address: Primary _________________

Secondary __________________

Port: ___________________________________

Shared Secret: ___________________________________

Use the procedures described in the following sections to configure the WAG102. Store this

information in a safe place.

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG102

Basic Installation and Configuration

3-23

v1.0, September 2005

How to Set Up and Test Basic Wireless Connectivity

Follow the instructions below to set up and test basic wireless connectivity. Once you have

established basic wireless connectivity, you can enable security settings appropriate to your needs.

1.

Log in to the WAG102 using its default address of

http://192.168.0.232

or at whatever IP

address the unit is currently configured. Use the default user name of

admin

and default

password of

password

, or whatever password you set up.

2.

Select the Country/Region in which the wireless interface will operate.

3.

Click the Wireless Settings link in the main menu of the WAG102.

4.

Choose a suitable descriptive name for the wireless network name (SSID). In the SSID box,

enter a value of up to 32 alphanumeric characters. The default SSID is NETGEAR_11a or

NETGEAR-11g.

5.

Set the Channel. It should not be necessary to change the wireless channel unless you notice

interference problems or are near another wireless access point. Select a channel that is not

being used by any other wireless networks within several hundred feet of your wireless access

point. For more information on the wireless channel frequencies see

“Wireless

Communications:” in Appendix B

.

6.

For initial configuration and testing, leave the Data Encryption set to “None” and do not turn

on the Access Control List.

7.

Click Apply to save your changes.

8.

Configure and test your PCs for wireless connectivity.

Program the wireless adapter of your PCs to have the same SSID and channel that you

configured in the WAG102. Check that they have a wireless link and are able to obtain an IP

address by DHCP from the WAG102.

Note:

The SSID of any wireless access adapters must match the SSID you configure

in the WAG102 ProSafe Dual Band Wireless Access Point. If they do not

match, you will not get a wireless connection to the WAG102.

Note:

If you are configuring the WAG102 from a wireless computer and you change

the SSID, channel, or security settings, you will lose your wireless connection

when you click Apply. You must then change the wireless settings of your

computer to match the new settings.