Linksys WRT51AB User Guide - Page 49

Instant Wireless® Series Notebook with Wireless Adapter RADIUS Server Cable or DSL Modem Router Figure C-1 Notebook with Wireless Adapter Note: 802.1x is an advanced data security measure and not essential for router operation. It will, however, increase network security. Note: If you are roaming between access points, you will have to go through the 802.1x authentication procedure each time your computer connects to a new access point. There are two types of WEP encryption for 802.1x, static and dynamic. Static WEP keys are more vulnerable and can only be changed manually on all devices, including the Router. If you are using MD5 authentication, then you can only use static WEP keys. Dynamic WEP keys are keys that are renewed automatically on a periodic basis. This makes the WEP key(s) more difficult to break, so network security is strengthened. To enable dynamic WEP keys, you must use 802.1x certificate-based authentication methods, such as TLS or TTLS. WEP Encryption Make sure your wireless network is functioning before attempting to configure WEP encryption. On a wireless network, a 128-bit WEP encrypted device will NOT communicate with a 64-bit WEP encrypted device. Therefore, make sure that all of the wireless devices on each network are using the same encryption level. 90 Dual-Band Wireless A+B Broadband Router In addition to enabling WEP, Linksys also recommends the following security implementations: • Change the SSID from the default "linksys" • Change the SSID on a regular basis • Change the WEP key regularly • Enable MAC address filtering (if your wireless products allow it) For instructions on how to configure the Router's WEP settings, go to the "Setup" section of "Chapter 6: The Router's Web-Based Utility." For instructions on how to configure the WEP settings of your PC's wireless adapter, refer to your wireless adapter's documentation. 802.1x Authentication Many authentication methods, including passwords, certificates, and smart cards (plastic cards that hold data), work within the 802.1x framework. The Router supports two authentication types: MD5 and certificate-based (TLS or TTLS). MD5 authentication is a type of one-way authentication method that employs user names and passwords. TLS and TTLS authentication are two-way authentication methods that employ digital certificates to verify the identity of a client. TLS, or EAP-TLS, exclusively uses digital certificates, while TTLS, or EAP-TTLS, uses a combination of certificates and another method, such as passwords, for authentication. MD5 authentication is not as secure as either certificate-based authentication method, and TLS is more secure than TTLS authentication. To use 802.1x authentication, you have to enable the 802.1x feature on the Router as well as your wireless-equipped PCs. For instructions on how to configure the Router's 802.1x settings, go to the "Advanced Wireless" section of "Chapter 6: The Router's Web-Based Utility." Important: The Router's 802.1x feature works with Windows XP. It may also work with other Windows operating systems, depending on the specifics of your PC's operating system and the 802.1x client software being used. Important: The Router's 802.1x feature works with a RADIUS server. It may also work with other types of authentication servers, depending on the specifics of each authentication server. 91