Home » ZyXEL Manuals » Networking » ZyXEL P-330W » Manual Viewer

ZyXEL P-330W User Guide - Page 125

PEAP Protected EAP

Get ZyXEL P-330W PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 125 highlights

ZyXEL P-330W User's Guide PEAP (Protected EAP) Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by Cisco. Table 49 Comparison of EAP Authentication Types Mutual Authentication Certificate - Client Certificate - Server Dynamic Key Exchange Credential Integrity Deployment Difficulty Client Identity Protection EAP-MD5 No No No No None Easy No EAP-TLS Yes Yes Yes Yes Strong Hard No EAP-TTLS Yes Optional Yes Yes Strong Moderate Yes PEAP Yes Optional Yes Yes Strong Moderate Yes 125 Appendix F Types of EAP Authentication

Section	Page
User’s Guide	1
Copyright	2
Disclaimer	2
Trademarks	2
Federal Communications Commission (FCC) Interference Statement	3
Notice 1	3
Certifications	3
ZyXEL Limited Warranty	4
Note	4
Safety Warnings	4
Customer Support	5
Table of Contents	6
List of Figures	12
List of Tables	16
Preface	18
About This User's Guide	18
Related Documentation	18
User Guide Feedback	18
Syntax Conventions	18
Graphics Icons Key	19
Getting to Know Your P-330W	20
1.1 P-330W Internet Security Gateway Overview	20
1.2 P-330W Features	20
1.2.1 Physical Features	20
1.2.1.1 10/100M Auto-negotiating Ethernet/Fast Ethernet Interface(s)	20
1.2.1.2 Auto-crossover 10/100 Mbps Ethernet Interface(s)	20
1.2.1.3 4-Port Switch	20
1.2.1.4 Time and Date	21
1.2.1.5 Reset Button	21
1.2.2 Removable Antenna	21
1.2.3 Non-Physical Features	21
1.2.3.1 Firewall	21
1.2.3.2 802.11b Wireless LAN Standard	21
1.2.3.3 802.11g Wireless LAN Standard	22
1.2.3.4 Packet Filtering	22
1.2.3.5 Universal Plug and Play (UPnP)	22
1.2.3.6 PPPoE	22
1.2.3.7 PPTP Encapsulation	22
1.2.3.8 Dynamic DNS Support	22
1.2.3.9 Network Address Translation (NAT)	23
1.2.3.10 Port Forwarding	23
1.2.3.11 DHCP (Dynamic Host Configuration Protocol)	23
1.2.3.12 Logging and Tracing	23
1.2.3.13 Wireless Association List	23
1.3 Applications for the P-330W	23
1.3.1 Secure Broadband Internet Access via Cable or DSL Modem	23
1.3.2 Internet Access Application	24
Introducing the Web Configurator	26
2.1 Web Configurator Overview	26
2.2 Accessing the P-330W Web Configurator	26
2.2.0.1 Resetting the P-330W	26
2.2.1 Navigating the P-330W Web Configurator	27
2.2.2 Navigation Panel	27
Wizard Setup	30
3.1 Wizard Setup Overview	30
3.2 Wizard Setup: Screen 2	30
3.2.1 DHCP Client	30
3.2.2 Static IP	30
3.2.3 PPPoE Encapsulation	31
3.2.4 PPTP Encapsulation	32
3.2.5 L2TP Encapsulation	33
3.3 Wizard Setup: Screen 3	34
3.4 Wizard Setup: Screen 4	35
3.4.1 No Encryption	36
3.4.2 WEP Encryption	36
3.4.3 WPA	37
3.4.4 WPA2 (AES)	37
3.4.5 WPA2 Mixed	38
3.5 Basic Setup Complete	39
System Screens	40
4.1 Setup Wizard	40
4.2 Operation Mode	40
4.3 LAN Overview	41
4.3.1 DHCP Setup	42
4.3.2 IP Pool Setup	42
4.3.3 System DNS Servers	42
4.3.4 LAN TCP/IP	42
4.3.5 Factory LAN Defaults	42
4.3.6 IP Address and Subnet Mask	42
4.3.7 Configuring IP	42
4.4 Configuring Password	44
4.5 Status Screen	44
Wireless	46
5.1 Wireless LAN Overview	46
5.1.1 IBSS	46
5.1.2 BSS	46
5.1.3 ESS	47
5.1.4 RTS/CTS	48
5.2 Configuring Wireless	49
5.3 Basic Settings	49
5.4 Wireless Advanced Settings	51
5.4.1 Authentication	51
5.4.2 Preamble Type	52
5.5 Site Survey	53
5.6 Wireless Security Overview	53
5.7 Security Parameters Summary	56
5.7.1 WEP Overview	56
5.7.2 Data Encryption	56
5.7.3 Configuring WEP Encryption	56
5.7.4 Introduction to WPA	59
5.7.4.1 User Authentication	59
5.7.4.2 Encryption	59
5.7.4.3 WPA-PSK Application Example	60
5.7.5 Introduction to WPA2	60
5.7.6 Configuring WPA-PSK Authentication	60
5.7.7 Introduction to RADIUS	62
5.7.7.1 Types of RADIUS Messages	62
5.7.7.2 Access-Challenge	62
5.7.7.3 Accounting-Request	62
5.7.7.4 Accounting-Response	62
5.7.7.5 EAP Authentication Overview	63
5.7.7.6 WPA with RADIUS Application Example	63
5.7.8 Configuring WPA Authentication	64
5.8 WDS Settings	66
5.9 Wireless Trusted Stations	67
Advanced Options	70
6.1 Access Control	70
6.2 Dynamic DNS	71
6.3 Configuring Dynamic DNS	72
6.4 DMZ	73
6.5 Virtual Servers (Port Forwarding)	73
6.5.0.1 Configuring Servers Behind SUA (Example)	74
6.5.1 Configuring Virtual Servers	75
6.6 Special Applications	76
6.7 WAN Port	77
6.7.1 Static IP Encapsulation	77
6.7.2 DHCP IP Encapsulation	79
6.7.3 PPPoE Encapsulation	80
6.7.4 PPTP Encapsulation	82
6.7.5 L2TP Encapsulation	84
6.8 Ping	86
6.9 DoS Setting	87
6.10 Diagnostics	88
Administrator Options	90
7.1 Remote Management	90
7.2 Configuration Screen	90
7.2.1 Backup Configuration	91
7.2.2 Restore Configuration	91
7.2.3 Back to Factory Defaults	92
7.3 Logs	92
7.4 IP Filtering	94
7.5 MAC Filtering	95
7.6 URL Filtering	95
7.7 Statistics	96
7.8 Time Zone Setting	96
7.9 Upgrade Firmware	97
Appendix A	100
PPPoE	100
PPPoE in Action	100
Benefits of PPPoE	100
Traditional Dial-up Scenario	100
How PPPoE Works	101
P-330W as a PPPoE Client	101
Appendix B	102
PPTP	102
What is PPTP?	102
How can we transport PPP frames from a computer to a broadband modem over Ethernet?	102
PPTP and the P-330W	102
PPTP Protocol Overview	103
Control & PPP Connections	103
Call Connection	103
PPP Data Connection	104
Appendix C	106
Setting up Your Computer’s IP Address	106
Windows 95/98/Me	106
Installing Components	107
Configuring	108
Verifying Settings	109
Windows 2000/NT/XP	109
Verifying Settings	113
Macintosh OS 8/9	114
Verifying Settings	115
Macintosh OS X	115
Verifying Settings	116
Appendix D	118
Wireless LAN and IEEE 802.11	118
Benefits of a Wireless LAN	118
IEEE 802.11	118
Ad-hoc Wireless LAN Configuration	119
Infrastructure Wireless LAN Configuration	119
Appendix E	122
Wireless LAN With IEEE 802.1x	122
Security Flaws with IEEE 802.11	122
Deployment Issues with IEEE 802.11	122
IEEE 802.1x	122
Advantages of the IEEE 802.1x	122
RADIUS Server Authentication Sequence	123
Appendix F	124
Types of EAP Authentication	124
EAP-MD5 (Message-Digest Algorithm 5)	124
EAP-TLS (Transport Layer Security)	124
EAP-TTLS (Tunneled Transport Layer Service)	124
PEAP (Protected EAP)	125
Appendix G	126
Antenna Selection and Positioning Recommendation	126
Antenna Characteristics	126
Frequency	126
Radiation Pattern	126
Antenna Gain	126
Types of Antennas For WLAN	126
Positioning Antennas	127
Appendix H	128
Open Saftware Announcements	128
This Product includes Zlib under Zlib License	128
Zlib License	128
ZLIB is third party library and has its own license.	128
This product includes pppd(includes radius) under BSD License, RSA Data Security, Inc. License and Roaring Penguin Software under GPL License	129
BSD	129
RSA Data Security, Inc License	130
This product include brctl, shell commands, hwclock, dnrd, gmp, iptables, Awk, MTD, ntpclient, pppd , pptp, udhcpd/ udhcpc, updated, libupnp/pseudo ICS, iwpriv, gcc, linux(kernal) and tiny under GPL License.	130
GNU GENERAL PUBLIC LICENSE	130
End-User License Agreement for “P-330W “	135
Index	140
A	140
B	140
C	140
D	140
E	140
F	140
G	140
H	140
I	140
L	141
M	141
N	141
P	141
R	141
S	141
U	141
V	141