Home » Netgear Manuals » Modems » Netgear WGR614v7 » Manual Viewer

Netgear WGR614v7 WGR614v7 Reference Manual - Page 132

How Does WPA Compare to WPA2 (IEEE 802.11i)?, What are the Key Features of WPA and WPA2 Security? - client mode

Add to My Manuals
Save this manual to your list of manuals

Page 132 highlights

54 Mbps Wireless Router WGR614v7 Reference Manual How Does WPA Compare to WPA2 (IEEE 802.11i)? WPA is forward compatible with the WPA2 security specification. WPA is a subset of WPA2 and used certain pieces of the early 802.11i draft, such as 802.1x and TKIP. The main pieces of WPA2 that are not included in WPA are secure IBSS (Ad-Hoc mode), secure fast handoff (for specialized 802.11 VoIP phones), as well as enhanced encryption protocols, such as AES-CCMP. These features were either not yet ready for market or required hardware upgrades to implement. What are the Key Features of WPA and WPA2 Security? The following security features are included in the WPA and WPA2 standard: • WPA and WPA2 Authentication • WPA and WPA2 Encryption Key Management - Temporal Key Integrity Protocol (TKIP) - Michael message integrity code (MIC) - AES support (WPA2, requires hardware support) • Support for a mixture of WPA, WPA2, and WEP wireless clients to allow a migration strategy, but mixing WEP and WPA/WPA2 is discouraged These features are discussed below. WPA/WPA2 addresses most of the known WEP vulnerabilities and is primarily intended for wireless infrastructure networks as found in the enterprise. This infrastructure includes stations, access points, and authentication servers (typically RADIUS servers). The RADIUS server holds (or has access to) user credentials (for example, user names and passwords) and authenticates wireless users before they gain access to the network. The strength of WPA/WPA2 comes from an integrated sequence of operations that encompass 802.1X/EAP authentication and sophisticated key management and encryption techniques. Its major operations include: • Network security capability determination. This occurs at the 802.11 level and is communicated through WPA information elements in Beacon, Probe Response, and (Re) Association Requests. Information in these elements includes the authentication method (802.1X or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES). D-10 April 2006 Wireless Networking Basics

Section	Page
Chapter 1 About This Manual	11
Audience, Scope, Conventions, and Formats	11
How to Use This Manual	12
How to Print this Manual	13
Chapter 2 Introduction	15
Key Features	15
802.11g Wireless Networking	16
A Powerful, True Firewall with Content Filtering	16
Security	17
Autosensing Ethernet Connections with Auto Uplink	17
Extensive Protocol Support	17
Easy Installation and Management	18
Maintenance and Support	19
Package Contents	19
The Router’s Front Panel	20
The Router’s Rear Panel	21
Chapter 3 Configuring the Internet and Wireless Settings	23
Initial Configuration	23
Logging Into Your Router	24
Changing Your Configuration	26
Internet Settings	26
Wireless Settings	30
Default Factory Settings	32
How to Bypass the Configuration Assistant	33
NETGEAR Product Registration, Support, and Documentation	33
Chapter 4 Content Filtering	35
Content Filtering Overview	35
Blocking Access to Internet Sites	36
Blocking Access to Internet Services	37
Configuring a User Defined Service	38
Configuring Services Blocking by IP Address Range	39
Scheduling When Blocking Will Be Enforced	39
Viewing Logs of Web Access or Attempted Web Access	40
Configuring E-Mail Alert and Web Access Log Notifications	41
Chapter 5 Maintenance	43
Viewing Wireless Router Status Information	43
Viewing a List of Attached Devices	47
Configuration File Management	47
Restoring and Backing Up the Configuration	48
Erasing the Configuration	49
Upgrading the Router Software	49
Changing the Administrator Password	50
Chapter 6 Advanced Configuration of the Router	53
Configuring Port Triggering	53
Configuring Port Forwarding to Local Servers	55
Adding a Custom Service	57
Editing or Deleting a Port Forwarding Entry	57
Local Web and FTP Server Example	58
Multiple Computers for Half Life, KALI or Quake III Example	58
Configuring the WAN Setup Options	59
Connect Automatically, as Required	59
Disabling the SPI Firewall	60
Setting Up a Default DMZ Server	60
Responding to Ping on Internet WAN Port	60
Setting the MTU Size	61
Using the LAN IP Setup Options	61
Configuring LAN TCP/IP Setup Parameters	62
Using the Router as a DHCP server	63
Using Address Reservation	64
Using a Dynamic DNS Service	65
Configuring Static Routes	66
Enabling Remote Management Access	68
Using Universal Plug and Play (UPnP)	70
Chapter 7 Troubleshooting	73
Basic Functioning	73
Power Light Not On	73
Lights Never Turn Off	74
LAN or WAN Port Lights Not On	74
Troubleshooting the Web Configuration Interface	75
Troubleshooting the ISP Connection	76
Troubleshooting a TCP/IP Network Using a Ping Utility	77
Testing the LAN Path to Your Router	77
Testing the Path from Your Computer to a Remote Device	78
Restoring the Default Configuration and Password	79
Problems with Date and Time	79
Appendix A Technical Specifications	81
Appendix B Network, Routing, Firewall, and Basics	83
Related Publications	83
Basic Router Concepts	83
What is a Router?	83
Routing Information Protocol	84
IP Addresses and the Internet	84
Netmask	86
Subnet Addressing	86
Private IP Addresses	89
Single IP Address Operation Using NAT	89
MAC Addresses and Address Resolution Protocol	90
Related Documents	91
Domain Name Server	91
IP Configuration by DHCP	92
Internet Security and Firewalls	92
What is a Firewall?	92
Stateful Packet Inspection	93
Denial of Service Attack	93
Ethernet Cabling	93
Category 5 Cable Quality	94
Inside Twisted Pair Cables	94
Uplink Switches, Crossover Cables, and MDI/MDIX Switching	96
Appendix C Preparing Your Network	99
What You Need To Use a Router with a Broadband Modem	99
Cabling and Computer Hardware	99
Computer Network Configuration Requirements	99
Internet Configuration Requirements	100
Where Do I Get the Internet Configuration Parameters?	100
Record Your Internet Connection Information	101
Preparing Your Computers for TCP/IP Networking	101
Configuring Windows 95, 98, and Me for TCP/IP Networking	102
Install or Verify Windows Networking Components	102
Enabling DHCP to Automatically Configure TCP/IP Settings in Windows 95B, 98, and Me	104
Selecting Windows’ Internet Access Method	106
Verifying TCP/IP Properties	106
Configuring Windows NT4, 2000 or XP for IP Networking	107
Install or Verify Windows Networking Components	107
DHCP Configuration of TCP/IP in Windows XP, 2000, or NT4	108
DHCP Configuration of TCP/IP in Windows XP	108
DHCP Configuration of TCP/IP in Windows 2000	110
DHCP Configuration of TCP/IP in Windows NT4	113
Verifying TCP/IP Properties for Windows XP, 2000, and NT4	115
Configuring the Macintosh for TCP/IP Networking	116
MacOS 8.6 or 9.x	116
MacOS X	116
Verifying TCP/IP Properties for Macintosh Computers	117
Verifying the Readiness of Your Internet Account	118
Are Login Protocols Used?	118
What Is Your Configuration Information?	118
Obtaining ISP Configuration Information for Windows Computers	119
Obtaining ISP Configuration Information for Macintosh Computers	120
Restarting the Network	121
Appendix D Wireless Networking Basics	123
Wireless Networking Overview	123
Infrastructure Mode	123
Ad Hoc Mode (Peer-to-Peer Workgroup)	124
Network Name: Extended Service Set Identification (ESSID)	124
Authentication and WEP Data Encryption	124
802.11 Authentication	125
Open System Authentication	125
Shared Key Authentication	126
Overview of WEP Parameters	127
Key Size	128
WEP Configuration Options	129
Wireless Channels	129
WPA and WPA2 Wireless Security	130
How Does WPA Compare to WEP?	131
How Does WPA Compare to WPA2 (IEEE 802.11i)?	132
What are the Key Features of WPA and WPA2 Security?	132
WPA/WPA2 Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS	134
WPA/WPA2 Data Encryption Key Management	136
Is WPA/WPA2 Perfect?	138
Product Support for WPA/WPA2	138
Supporting a Mixture of WPA, WPA2, and WEP Wireless Clients is Discouraged	138
Changes to Wireless Access Points	139
Changes to Wireless Network Adapters	139
Changes to Wireless Client Programs	140

Match case Limit results 1 per page

54 Mbps Wireless Router WGR614v7 Reference Manual

D-10

Wireless Networking Basics

April 2006

How Does WPA Compare to WPA2 (IEEE 802.11i)?

WPA is forward compatible with the WPA2 security specification. WPA is a subset of WPA2 and

used certain pieces of the early 802.11i draft, such as 802.1x and TKIP. The main pieces of WPA2

that are not included in WPA are secure IBSS (Ad-Hoc mode), secure fast handoff (for specialized

802.11 VoIP phones), as well as enhanced encryption protocols, such as AES-CCMP. These

features were either not yet ready for market or required hardware upgrades to implement.

What are the Key Features of WPA and WPA2 Security?

The following security features are included in the WPA and WPA2 standard:

•

WPA and WPA2 Authentication

•

WPA and WPA2 Encryption Key Management

–

Temporal Key Integrity Protocol (TKIP)

–

Michael message integrity code (MIC)

–

AES support (WPA2, requires hardware support)

•

Support for a mixture of WPA, WPA2, and WEP wireless clients to allow a migration strategy,

but mixing WEP and WPA/WPA2 is discouraged

These features are discussed below.

WPA/WPA2 addresses most of the known WEP vulnerabilities and is primarily intended for

wireless infrastructure networks as found in the enterprise. This infrastructure includes stations,

access points, and authentication servers (typically RADIUS servers). The RADIUS server holds

(or has access to) user credentials (for example, user names and passwords) and authenticates

wireless users before they gain access to the network.

The strength of WPA/WPA2 comes from an integrated sequence of operations that encompass

802.1X/EAP authentication and sophisticated key management and encryption techniques. Its

major operations include:

•

Network security capability determination. This occurs at the 802.11 level and is

communicated through WPA information elements in Beacon, Probe Response, and (Re)

Association Requests. Information in these elements includes the authentication method

(802.1X or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES).