ZyXEL G-200 User Guide - Page 34

Data Encryption with 802.1x, 1x Overview, EAP Authentication Overview

Get ZyXEL G-200 PDF manuals and user guides View all ZyXEL G-200 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 34 highlights

ZyAIR G-200 User's Guide FIELD Encryption Status Passphrase OK Table 2-6 WPA-PSK Authentication DESCRIPTION All unicast traffic is automatically encrypted by TKIP when WPA or WPA-PSK Authentication is selected. See the section on Encryption for details about Temporal Key Integrity Protocol (TKIP). Type a Passphrase from 8 to 63 ASCII characters long. The Passphrase is casesensitive. You must use the same Passphrase for all wireless LAN adapters with this feature in the same WLAN. For more information on Passphrase, see section 2.6.1. Click OK to apply the changes and close the screen. 2.6.4 Data Encryption with 802.1x Select 802.1x from the Authentication drop-down list box to view the security configuration options. 802.1x Overview The IEEE 802.1x standard outlines enhanced security methods for both the authentication of wireless stations and encryption key management. Authentication can be done using an external RADIUS server for an unlimited number of users. EAP Authentication Overview EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE802.1x transport mechanism in order to support multiple types of user authentication. By using EAP to interact with an EAP-compatible RADIUS server, the access point helps a wireless station and a RADIUS server perform authentication. The type of authentication you use depends on the RADIUS server or the AP. The ZyAIR supports EAP-TLS, EAP-TTLS, LEAP and PEAP with RADIUS. Refer to the Types of EAP Authentication appendix for descriptions on the different types. The details below provide a general description of how IEEE 802.1x EAP authentication works. For an example list of EAP-MD5 authentication steps, see the IEEE 802.1x appendix. ♦ The wireless station sends a "start" message to the AP. ♦ The AP sends a "request identity" message to the wireless station for identity information. ♦ The wireless station replies with identity information, including username and password. ♦ The RADIUS server checks the user information against its user profile database and determines whether or not to authenticate the wireless station. 2-16 Using the ZyAIR Utility

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
ZyAIR G-200 User’s Guide
2-16
Using the ZyAIR Utility
Table 2-6 WPA-PSK Authentication
FIELD
DESCRIPTION
Encryption Status
All unicast traffic is automatically encrypted by
TKIP
when
WPA
or
WPA-PSK
Authentication
is selected. See the section on Encryption for details about
Temporal Key Integrity Protocol (
TKIP
).
Passphrase
Type a Passphrase from
8 to 63 ASCII characters long. The Passphrase is case-
sensitive. You must use the same Passphrase for all wireless LAN adapters with
this feature in the same WLAN. For more information on Passphrase, see
section
2.6.1.
OK
Click
OK
to apply the changes and close the screen.
2.6.4 Data Encryption with 802.1x
Select
802.1x
from the
Authentication
drop-down list box to view the security configuration
options.
802.1x Overview
The IEEE 802.1x standard outlines enhanced security methods for both the authentication of
wireless stations and encryption key management. Authentication can be done using an external
RADIUS server for an unlimited number of users.
EAP Authentication Overview
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the
IEEE802.1x transport mechanism in order to support multiple types of user authentication. By
using EAP to interact with an EAP-compatible RADIUS server, the access point helps a wireless
station and a RADIUS server perform authentication.
The type of authentication you use depends on the RADIUS server or the AP. The ZyAIR
supports EAP-TLS, EAP-TTLS, LEAP and PEAP with RADIUS. Refer to the
Types of EAP
Authentication
appendix for descriptions on the different types.
The details below provide a general description of how IEEE 802.1x EAP authentication works.
For an example list of EAP-MD5 authentication steps, see the
IEEE 802.1x appendix
.
The wireless station sends a “start” message to the AP.
The AP sends a “request identity” message to the wireless station for identity
information.
The wireless station replies with identity information, including username and password.
The RADIUS server checks the user information against its user profile database and
determines whether or not to authenticate the wireless station.