Home » ZyXEL Manuals » Networking » ZyXEL P-660HN-51 » Manual Viewer

ZyXEL P-660HN-51 User Guide - Page 124

User Authentication, 8.3.4, Encryption

Add to My Manuals
Save this manual to your list of manuals

Page 124 highlights

Chapter 8 Wireless LAN You can use the MAC address filter to tell the ZyXEL Device which devices are allowed or not allowed to use the wireless network. If a device is allowed to use the wireless network, it still has to have the correct information (SSID, channel, and security). If a device is not allowed to use the wireless network, it does not matter if it has the correct information. This type of security does not protect the information that is sent in the wireless network. Furthermore, there are ways for unauthorized wireless devices to get the MAC address of an authorized device. Then, they can use that MAC address to use the wireless network. 8.8.3.3 User Authentication Authentication is the process of verifying whether a wireless device is allowed to use the wireless network. You can make every user log in to the wireless network before using it. However, every device in the wireless network has to support IEEE 802.1x to do this. For wireless networks, you can store the user names and passwords for each user in a RADIUS server. This is a server used in businesses more than in homes. If you do not have a RADIUS server, you cannot set up user names and passwords for your users. Unauthorized wireless devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to get a valid user name and password. Then, they can use that user name and password to use the wireless network. 8.8.3.4 Encryption Wireless networks can use encryption to protect the information that is sent in the wireless network. Encryption is like a secret code. If you do not know the secret code, you cannot understand the message. The types of encryption you can choose depend on the type of authentication. (See Section 8.8.3.3 on page 124 for information about this.) Table 40 Types of Encryption for Each Type of Authentication NO AUTHENTICATION RADIUS SERVER Weakest No Security WPA Static WEP WPA-PSK Strongest WPA2-PSK WPA2 124 P-660HN-TxA User's Guide

Section	Page
P-660HN-TxA	1
About This User's Guide	3
Document Conventions	5
Safety Warnings	7
Contents Overview	9
Table of Contents	11
User’s Guide	19
Introduction	21
1.1 Overview	21
1.2 Ways to Manage the ZyXEL Device	21
1.3 Good Habits for Managing the ZyXEL Device	22
1.4 Applications for the ZyXEL Device	22
1.4.1 Internet Access	22
1.5 Wireless Access	23
1.5.1 Using the WPS/WLAN Button	23
1.6 LEDs (Lights)	25
1.7 The RESET Button	26
1.7.1 Using the Reset Button	27
The Web Configurator	29
2.1 Overview	29
2.1.1 Accessing the Web Configurator	29
2.2 The Main Screen	31
2.2.1 Title Bar	32
2.2.2 Navigation Panel	32
2.2.3 Main Window	34
2.2.4 Status Bar	34
Status Screens	35
3.1 Overview	35
3.2 The Status Screen	35
Tutorials	39
4.1 Overview	39
4.2 Setting Up a Secure Wireless Network	39
4.2.1 Configuring the Wireless Network Settings	40
4.2.2 Using WPS	41
4.2.3 Without WPS	46
4.2.4 Setting Up Wireless Network Scheduling	46
4.3 Configuring the MAC Address Filter	47
4.4 Configuring Static Route for Routing to Another Network	49
4.5 Multiple Public and Private IP Address Mappings	52
4.5.1 Full Feature NAT + Many-to-Many No Overload Mapping	53
4.5.2 Full Feature NAT + One-to-One Mapping	54
4.6 Multiple WAN Connections Example	55
Technical Reference	57
Internet and Wireless Setup Wizard	59
5.1 Overview	59
5.2 Internet Access Wizard Setup	59
5.2.1 Manual Configuration	62
5.3 Wireless Connection Wizard Setup	68
5.3.1 Manually Assign a WPA-PSK key	70
5.3.2 Manually Assign a WEP Key	71
WAN Setup	73
6.1 Overview	73
6.1.1 What You Can Do in the WAN Screens	73
6.1.2 What You Need to Know About WAN	73
6.1.3 Before You Begin	74
6.2 The Internet Access Setup Screen	75
6.2.1 Advanced Internet Access Setup	77
6.3 The More Connections Screen	79
6.3.1 More Connections Edit	80
6.3.2 Configuring More Connections Advanced Setup	82
6.4 WAN Technical Reference	83
6.4.1 Encapsulation	83
6.4.2 Multiplexing	85
6.4.3 VPI and VCI	85
6.4.4 IP Address Assignment	85
6.4.5 Nailed-Up Connection (PPP)	86
6.4.6 NAT	86
6.5 Traffic Shaping	86
6.5.1 ATM Traffic Classes	87
LAN Setup	89
7.1 Overview	89
7.1.1 What You Can Do in the LAN Screens	89
7.1.2 What You Need To Know About LAN	90
7.1.3 Before You Begin	91
7.2 The LAN IP Screen	91
7.2.1 The Advanced LAN IP Setup Screen	92
7.3 The DHCP Setup Screen	93
7.4 The Client List Screen	94
7.5 The IP Alias Screen	95
7.5.1 Configuring the LAN IP Alias Screen	96
7.6 LAN Technical Reference	97
7.6.1 LANs, WANs and the ZyXEL Device	98
7.6.2 DHCP Setup	98
7.6.3 DNS Server Addresses	98
7.6.4 LAN TCP/IP	99
7.6.5 RIP Setup	100
7.6.6 Multicast	101
Wireless LAN	103
8.1 Overview	103
8.1.1 What You Can Do in the Wireless LAN Screens	103
8.1.2 What You Need to Know About Wireless	104
8.1.3 Before You Start	104
8.2 The AP Screen	105
8.2.1 No Security	106
8.2.2 WEP Encryption	107
8.2.3 WPA(2)-PSK	108
8.2.4 WPA(2) Authentication	109
8.2.5 Wireless LAN Advanced Setup	110
8.2.6 MAC Filter	112
8.3 The More AP Screen	113
8.3.1 More AP Edit	114
8.4 The WPS Screen	115
8.5 The WPS Station Screen	116
8.6 The WDS Screen	117
8.7 The Scheduling Screen	119
8.8 Wireless LAN Technical Reference	120
8.8.1 Wireless Network Overview	120
8.8.2 Additional Wireless Terms	122
8.8.3 Wireless Security Overview	122
8.8.4 Signal Problems	125
8.8.5 BSS	125
8.8.6 MBSSID	126
8.8.7 Wireless Distribution System (WDS)	127
8.8.8 WiFi Protected Setup (WPS)	127
Network Address Translation (NAT)	135
9.1 Overview	135
9.1.1 What You Can Do in the NAT Screens	135
9.1.2 What You Need To Know About NAT	135
9.2 The NAT General Setup Screen	137
9.3 The Port Forwarding Screen	138
9.3.1 Configuring the Port Forwarding Screen	139
9.3.2 The Port Forwarding Rule Edit Screen	141
9.4 The Address Mapping Screen	142
9.4.1 The Address Mapping Rule Edit Screen	144
9.5 The ALG Screen	145
9.6 NAT Technical Reference	146
9.6.1 NAT Definitions	146
9.6.2 What NAT Does	146
9.6.3 How NAT Works	147
9.6.4 NAT Application	148
9.6.5 NAT Mapping Types	148
Firewall	151
10.1 Overview	151
10.1.1 What You Can Do in the Firewall Screens	151
10.1.2 What You Need to Know About Firewall	151
10.2 The Firewall Screen	153
Filters	155
11.1 Overview	155
11.1.1 What You Can Do in the Filter Screens	155
11.1.2 What You Need to Know About Filtering	155
11.2 The URL Filter Screen	156
11.3 The Application Filter Screen	157
11.4 The IP/MAC Filter Screen	158
Static Route	161
12.1 Overview	161
12.1.1 What You Can Do in the Static Route Screens	162
12.2 The Static Route Screen	162
12.2.1 Static Route Edit	163
802.1Q/1P	165
13.1 Overview	165
13.1.1 What You Can Do in the 802.1Q/1P Screens	165
13.1.2 What You Need to Know About 802.1Q/1P	165
13.2 The 802.1Q/1P Group Setting Screen	166
13.2.1 Editing 802.1Q/1P Group Setting	168
13.3 The 802.1Q/1P Port Setting Screen	169
Quality of Service (QoS)	171
14.1 Overview	171
14.1.1 What You Can Do in the QoS Screens	172
14.1.2 What You Need to Know About QoS	172
14.2 The QoS Screen	173
14.2.1 The QoS Settings Summary Screen	175
14.3 QoS Technical Reference	176
14.3.1 IEEE 802.1p	176
14.3.2 IP Precedence	177
14.3.3 Automatic Priority Queue Assignment	177
Dynamic DNS Setup	179
15.1 Overview	179
15.1.1 What You Can Do in the DDNS Screen	179
15.1.2 What You Need To Know About DDNS	179
15.2 The Dynamic DNS Screen	180
Remote Management	181
16.1 Overview	181
16.1.1 What You Can Do in the Remote Management Screens	182
16.1.2 What You Need to Know About Remote Management	182
16.2 The WWW Screen	183
16.2.1 Configuring the WWW Screen	183
16.3 The Telnet Screen	184
16.4 The FTP Screen	185
16.5 The SNMP Screen	186
16.5.1 Configuring SNMP	187
16.6 The DNS Screen	188
16.7 The ICMP Screen	189
Universal Plug-and-Play (UPnP)	191
17.1 Overview	191
17.1.1 What You Can Do in the UPnP Screen	191
17.1.2 What You Need to Know About UPnP	191
17.2 The UPnP Screen	193
17.3 Installing UPnP in Windows Example	194
17.4 Using UPnP in Windows XP Example	197
CWMP	203
18.1 Overview	203
18.2 The CWMP Setup Screen	204
System Settings	207
19.1 Overview	207
19.1.1 What You Can Do in the System Settings Screens	207
19.2 The General Screen	207
19.3 The Time and Date Screen	208
Logs	211
20.1 Overview	211
20.1.1 What You Need To Know About Logs	211
20.2 The System Log Screen	211
20.3 Log Descriptions	213
Tools	221
21.1 Overview	221
21.1.1 What You Can Do in the Tool Screens	221
21.2 The Firmware Screen	221
21.3 The Configuration Screen	224
21.4 The Restart Screen	227
Diagnostic	229
22.1 Overview	229
22.1.1 What You Can Do in the Diagnostic Screens	229
22.2 The General Screen	229
22.3 The DSL Line Screen	230
Troubleshooting	233
23.1 Power, Hardware Connections, and LEDs	233
23.2 ZyXEL Device Access and Login	234
23.3 Internet Access	236
Product Specifications	239
24.1 Hardware Specifications	239
24.2 Firmware Specifications	239
24.3 Wireless Features	243
24.4 Power Adaptor Specifications	246
Setting up Your Computer’s IP Address	247
IP Addresses and Subnetting	271
Pop-up Windows, JavaScripts and Java Permissions	281
Wireless LANs	291
Services	307
Legal Information	311

Match case Limit results 1 per page

Chapter 8 Wireless LAN

P-660HN-TxA User’s Guide

124

You can use the MAC address filter to tell the ZyXEL Device which devices are

allowed or not allowed to use the wireless network. If a device is allowed to use

the wireless network, it still has to have the correct information (SSID, channel,

and security). If a device is not allowed to use the wireless network, it does not

matter if it has the correct information.

This type of security does not protect the information that is sent in the wireless

network. Furthermore, there are ways for unauthorized wireless devices to get the

MAC address of an authorized device. Then, they can use that MAC address to use

the wireless network.

8.8.3.3

User Authentication

Authentication is the process of verifying whether a wireless device is allowed to

use the wireless network. You can make every user log in to the wireless network

before using it. However, every device in the wireless network has to support IEEE

802.1x to do this.

For wireless networks, you can store the user names and passwords for each user

in a RADIUS server. This is a server used in businesses more than in homes. If you

do not have a RADIUS server, you cannot set up user names and passwords for

your users.

Unauthorized wireless devices can still see the information that is sent in the

wireless network, even if they cannot use the wireless network. Furthermore,

there are ways for unauthorized wireless users to get a valid user name and

password. Then, they can use that user name and password to use the wireless

network.

8.8.3.4

Encryption

Wireless networks can use encryption to protect the information that is sent in the

wireless network. Encryption is like a secret code. If you do not know the secret

code, you cannot understand the message.

The types of encryption you can choose depend on the type of authentication.

(See

Section 8.8.3.3 on page 124

for information about this.)

Table 40

Types of Encryption for Each Type of Authentication

NO AUTHENTICATION

RADIUS SERVER

Weakest

No Security

WPA

Static WEP

WPA-PSK

Strongest

WPA2-PSK

WPA2