Upload
walter-grant
View
222
Download
5
Tags:
Embed Size (px)
Citation preview
Allied Telesyn Wireless LAN Solutions
AT-WL2411 Access Point
AT-WR2411 Wireless LAN PCMCIA Card
AT-WL2411 Access Point
10Base-T Ethernet interface 11Mbps, 5.5Mbps, 2Mbps, 1Mbps with
automatic fallback for increased range IEEE 802.11 and 802.1b standards
compliant IP, IPX, Appletalk, NetBEUI, DECnet
protocol filters
AT-WL2411 Features
High Performance Wireless Bridging Wireless Repeating Enterprise roaming - IP Tunnels
High Performance
Filters traffic at full Ethernet speed and forwards traffic at full radio speeds
Flooding and filtering options to keep unnecessary traffic off the airwaves and optimise performance
Broadcast filters to further eliminate traffic
Wireless bridging
Two or more AT-WL2411s can be used for wireless bridging
AT-WL2411 can be configured to originate or terminate a bridged-link
AT-WL2411s on both sides of a bridged link can also be configured to simultaneously communicate with end devices
Wireless repeating
AT-WL2411 can be configured as a wireless repeater
A wireless repeater has no Ethernet connection
It establishes a wireless communication link to one or more access points that are conneted to an Ethernet LAN
Feature useful to cover areas with no LAN wiring
Enterprise roaming
Integrated Network Communications Architecture/Internet Protocol (INCA/IP) is an advanced feature that allows enterprise roaming
End devices can easily roam across network subnets
INCA/IP uses Generic Routing Encapsulation (GRE) protocol to tunnel information across subnets
An IP tunnel allows wireless clients to roam across subnets
Must be originated by the root access point
IP Tunnel filters work the same as Ethernet filters but apply to the IP Tunnel Port.• All tunnel traffic is dropped by default• Filters must be set in the root access point
and the access point at the end of the tunnel
IP Tunnels
R1.5 Enterprise Software• TCP/IP Settings
- DHCP Client/Server- NAT Server
• Network Management• Passwords
- RADIUS support
• Upgrading- Internet Software Download- Upgrade Other APs- Diag Upgrade
Software Features
Intended to provide DHCP server functionality for small installations where no other server is present
Not intended to replace a configurable, full featured DHCP server
The DHCP server can be enabled in each AP. This functionality is not coordinated by the root
You should have only one DHCP server per network
Simple DHCP Server
• Lease duration is always 20 minutes• The IP address will be chosen from a range of addresses
configured by the user.• The subnet mask, default router, and IP broadcast address
will contain the same values as configured for the access point
• If other DHCP servers are on the network, clients will get an address from the first server that responds.
• When the AP running the DHCP server is rebooted all
leases will be renewed with the same IP address.
Simple DHCP Server
The DHCP Server must be enabled to use NATNAT is auto-enabled if the range of DHCP address
entered is not on the same subnet as the access point
The lowest range entered in the DHCP address range will be the default router for all NAT clients.
Static NAT IP address can be used.The AP will replace the MAC address, IP source
address and TCP/UDP port with its own.
Network Address Translation
- NAT does NOT pass ICMP packets. You cannot perform ‘ping functionality’, either to or from the client device.
- Can configure a NAT specific subnet mask. This would allow you to use a different mask than the AP.
- NAT is a firewall. Therefore Non-NAT devices can not talk to NAT devices.
- We have implemented DUMB NAT (similar to some DSL gateways). We do not inspect the frame at the application layer to correct NAT problems. FTP will only work if the client has selected FTP in PASV mode.
• “PASV mode” forces data connections to be established by the client rather than the server.
Network Address Translation
Advanced Network Management
Simple Network Management protocol (SNMP)
Web-browser-based manager Text-based menu system, serial port, or
Telnet via RF, serial and Ethernet
Radius Definition• Remote Authentication Dial In User Services• Industry standard for userid/password authentication
Each Access Point can be a Radius Client and/or a Radius Server
RADIUS Functionality
RADIUS Server• User Database containing User Names and
Passwords used to authenticate users on radius administered access points
• Configuration- Enable the Server- Enter the Secret Key- Setup User Names and Passwords of Clients
RADIUS Functionality
RADIUS Client• Enabling the radius client disables all user
names and passwords set in the access point.
• If you do not have a radius server and you enable the radius client you are ‘locked out’ of the access point.
• Configuration- Enable the Client- Enter the IP address of the Server- Enter the Secret Key of the Server
RADIUS Functionality
• Download the newest AP software from the ATI web site.
• Point your browser to the downloaded file.• Upgrade your access point.
Software Upgrade
Allied Telesyn S/W download
Security Features
WEP Types of WEP Encryption
Wired Equivalent Privacy (WEP)
Wired Equivalent Privacy (WEP) can be enabled in the AT-WL2411 and AT-WR2411 PCMCIA cards
Enabling WEP provides a high degree of encryption protection and prevents unauthorised users from gaining access to the network
Types of WEP Encryption • WEP64
- ASCII – 5 Characters• 12345
- HEX – 10 Characters preceded by ‘0x’• 0x0102030405
• WEP128- ASCII – 13 Characters
• 1234567890123
- HEX – 26 Characters preceded by ‘0x’• 0x12345678901234567890123456
WEP Encryption
AT-WL2411 wireless LAN PCMCIA Card
Based on standards: 802.11b specification high performance solution for computers
with a PCMCIA type II slot supports both 40-bit and 128-bit WEP
security no througput degradation is experienced
when this support is enabled
Benefits Summary Wireless access anywhere in the enterprise Connection distances of 500 feet and more Advanced Security High end management Ligthweight (less than 8 ounces) and low cost designed for easy integration into office environments Access point AT-WL2411 automatically tracks and
connects roaming clients without the cost and complexity of a dedicated mobile IP server or additional hubs and cabling
fully integrated IP tunneling Industry-standard technologies for seamless integration
AT-WL2411 Access points competitive matrix
128-bit WEP INCA/IP IGMP SNMP Statistics monitoringAllied Telesyn yes yes yes yes yes
Symbol yes yes yesCisco yes yes yes3Com yes yes yes
Breezecom yesIntel yes yes
LinksysD-LinkBuffalo
Allied Telesyn vs competitors
Measured access to 500 feet. The only other PCMCIA with this type of performance was Cisco
128-bit WEP with no throughput degradation. D-Link only supports 40-bit WEP. Other solutions suffered performance limitations with WEP enabled
Allied Telesyn vs competitors
Allied Telesyn’s wireless products provide the customer with the highest performance available in the wireless marketplace today, at a lower price