Home » ZyXEL Manuals » Wireless » ZyXEL EMG2306 » Manual Viewer

ZyXEL EMG2306 User Guide - Page 72

User Authentication, Encryption

Add to My Manuals
Save this manual to your list of manuals

Page 72 highlights

Chapter 9 Wireless LAN 00:A0:C5:00:00:02. To get the MAC address for each wireless client, see the appropriate User's Guide or other documentation. You can use the MAC address filter to tell the AP which wireless clients are allowed or not allowed to use the wireless network. If a wireless client is allowed to use the wireless network, it still has to have the correct settings (SSID, channel, and security). If a wireless client is not allowed to use the wireless network, it does not matter if it has the correct settings. This type of security does not protect the information that is sent in the wireless network. Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized wireless client. Then, they can use that MAC address to use the wireless network. User Authentication You can make every user log in to the wireless network before they can use it. This is called user authentication. However, every wireless client in the wireless network has to support IEEE 802.1x to do this. For wireless networks, there are two typical places to store the user names and passwords for each user. • In the AP: this feature is called a local user database or a local database. • In a RADIUS server: this is a server used in businesses more than in homes. If your AP does not provide a local user database and if you do not have a RADIUS server, you cannot set up user names and passwords for your users. Unauthorized devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to get a valid user name and password. Then, they can use that user name and password to use the wireless network. Local user databases also have an additional limitation that is explained in the next section. Encryption Wireless networks can use encryption to protect the information that is sent in the wireless network. Encryption is like a secret code. If you do not know the secret code, you cannot understand the message. The types of encryption you can choose depend on the type of user authentication. (See page 72 for information about this.) Table 21 Types of Encryption for Each Type of Authentication NO AUTHENTICATION RADIUS SERVER Weakest No Security WPA Static WEP WPA-PSK Strongest WPA2-PSK WPA2 72 EMG2306-R10A User's Guide

Section	Page
Contents Overview	3
Table of Contents	4
Introduction	12
1.1 Overview	12
1.2 Applications	12
1.3 Ways to Manage the EMG2306-R10A	12
1.4 Good Habits for Managing the EMG2306-R10A	12
1.5 LEDs	13
1.6 The WPS Button	14
1.7 Wall Mounting	15
Introducing the Web Configurator	16
2.1 Overview	16
2.2 Login Accounts	16
2.3 Accessing the Web Configurator	16
2.4 Resetting the EMG2306-R10A	18
2.4.1 Procedure to Use the RESET Button	18
Monitor	19
3.1 Overview	19
3.2 What You Can Do	19
3.3 The Log Screen	19
3.3.1 View Log	20
3.3.2 Log Setting	20
3.4 DHCP Table	20
3.5 Packet Statistics	22
3.6 WLAN Station Status	23
EMG2306-R10A Modes	24
4.1 Overview	24
4.1.1 Device Modes	24
Router Mode	25
5.1 Overview	25
5.2 Router Mode Status Screen	26
5.2.1 Navigation Panel	29
Access Point Mode	32
6.1 Overview	32
6.2 What You Can Do	32
6.3 What You Need to Know	32
6.3.1 Setting your EMG2306-R10A to AP Mode	33
6.3.2 Accessing the Web Configurator in Access Point Mode	33
6.3.3 Configuring your WLAN and Maintenance Settings	34
6.4 AP Mode Status Screen	34
6.5 LAN Screen	37
Tutorials	40
7.1 Overview	40
7.2 Set Up a Wireless Network with WPS	40
7.2.1 Push Button Configuration (PBC)	40
7.2.2 PIN Configuration	41
7.3 Configure Wireless Security without WPS	42
7.3.1 Configure Your Notebook	44
7.4 Using Multiple SSIDs on the EMG2306-R10A	46
7.4.1 Configuring Security Settings of Multiple SSIDs	47
WAN	54
8.1 Overview	54
8.2 What You Can Do	54
8.3 What You Need To Know	54
8.3.1 Configuring Your Internet Connection	55
8.3.2 Multicast	56
8.4 Management WAN	57
8.4.1 Add/Edit Internet Connection	58
8.4.2 Ethernet Encapsulation	59
8.4.3 PPPoE Encapsulation	60
8.4.4 PPTP Encapsulation	63
8.4.5 IPoE Encapsulation	66
8.4.6 Bridge Encapsulation	68
8.5 Advanced WAN Screen	68
Wireless LAN	70
9.1 Overview	70
9.2 What You Can Do	70
9.3 What You Should Know	71
9.4 General Wireless LAN Screen	73
9.5 Wireless Security	75
9.5.1 No Security	75
9.5.2 WEP Encryption	76
9.5.3 WPA-PSK/WPA2-PSK	79
9.6 More AP	80
9.6.1 More AP Edit	81
9.7 MAC Filter	81
9.8 Wireless LAN Advanced Screen	83
9.9 Quality of Service (QoS) Screen	84
9.10 WPS Screen	84
9.11 WPS Station Screen	86
9.12 Scheduling Screen	86
9.13 WDS	87
LAN	89
10.1 Overview	89
10.2 What You Can Do	89
10.3 What You Need To Know	90
10.3.1 IP Pool Setup	90
10.3.2 LAN TCP/IP	90
10.3.3 IP Alias	90
10.4 LAN IP Screen	91
10.5 IP Alias Screen	91
DHCP Server	93
11.1 Overview	93
11.2 What You Can Do	93
11.3 What You Need To Know	93
11.4 The DHCP General Screen	94
11.5 The DHCP Advanced Screen	95
11.6 The DHCP Client List Screen	96
NAT	98
12.1 Overview	98
12.2 What You Can Do	98
12.3 What You Need To Know	99
12.4 The NAT General Screen	101
12.5 The NAT Port Forwarding Screen	101
12.6 The NAT Trigger Port Screen	103
DDNS	105
13.1 Overview	105
13.2 The DDNS General Screen	105
Static Route	107
14.1 Overview	107
14.2 Static Route Screen	107
14.2.1 Add/Edit Static Route Screen	108
Interface Group	110
15.1 Overview	110
15.2 The Interface Group Screen	110
15.2.1 Add Interface Group	111
Firewall	113
16.1 Overview	113
16.2 What You Can Do	113
16.3 What You Need To Know	114
16.4 The Firewall General Screen	115
16.5 The Services Screen	116
Content Filtering	118
17.1 Overview	118
17.2 What You Need To Know	118
17.3 Content Filter	119
17.4 Technical Reference	120
17.4.1 Customizing Keyword Blocking URL Checking	120
Remote Management	122
18.1 Overview	122
18.2 What You Need to Know	122
18.2.1 Remote Management and NAT	122
18.3 What You Can Do	122
18.4 The WWW Screen	123
18.5 The Telnet Screen	123
18.6 The SNMP Screen	124
18.7 The TR069 Screen	127
18.8 The Import CA Screen	128
Universal Plug-and-Play (UPnP)	130
19.1 Overview	130
19.2 What You Need to Know	130
19.2.1 NAT Traversal	130
19.2.2 Cautions with UPnP	130
19.3 UPnP Screen	131
19.4 Technical Reference	131
19.4.1 Using UPnP in Windows XP Example	131
19.4.2 Web Configurator Easy Access	134
Maintenance	137
20.1 Overview	137
20.2 What You Can Do	137
20.3 General Screen	137
20.4 Account Screen	138
20.4.1 Account Setup Screen	138
20.5 Time Setting Screen	140
20.6 Firmware Upgrade Screen	141
20.7 Configuration Backup/Restore Screen	143
20.8 Restart Screen	144
20.9 Language	144
20.10 System Operation Mode Overview	145
20.11 Sys OP Mode Screen	146
Troubleshooting	148
21.1 Overview	148
21.2 Power, Hardware Connections, and LEDs	148
21.3 EMG2306-R10A Access and Login	149
21.4 Internet Access	151
21.5 Resetting the EMG2306-R10A to Its Factory Defaults	152
21.6 Wireless Router/AP Troubleshooting	152
Pop-up Windows, JavaScript and Java Permissions	155
IP Addresses and Subnetting	166
Setting Up Your Computer’s IP Address	176
Wireless LANs	204
Common Services	218
Legal Information	221

Match case Limit results 1 per page

Chapter 9 Wireless LAN

EMG2306-R10A User’s Guide

00:A0:C5:00:00:02. To get the MAC address for each wireless client, see the appropriate User’s

Guide or other documentation.

You can use the MAC address filter to tell the AP which wireless clients are allowed or not allowed to

use the wireless network. If a wireless client is allowed to use the wireless network, it still has to

have the correct settings (SSID, channel, and security). If a wireless client is not allowed to use the

wireless network, it does not matter if it has the correct settings.

This type of security does not protect the information that is sent in the wireless network.

Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized

wireless client. Then, they can use that MAC address to use the wireless network.

User Authentication

You can make every user log in to the wireless network before they can use it. This is called user

authentication. However, every wireless client in the wireless network has to support IEEE 802.1x

to do this.

For wireless networks, there are two typical places to store the user names and passwords for each

user.

•

In the AP: this feature is called a local user database or a local database.

•

In a RADIUS server: this is a server used in businesses more than in homes.

If your AP does not provide a local user database and if you do not have a RADIUS server, you

cannot set up user names and passwords for your users.

Unauthorized devices can still see the information that is sent in the wireless network, even if they

cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to

get a valid user name and password. Then, they can use that user name and password to use the

wireless network.

Local user databases also have an additional limitation that is explained in the next section.

Encryption

Wireless networks can use encryption to protect the information that is sent in the wireless

network. Encryption is like a secret code. If you do not know the secret code, you cannot

understand the message.

The types of encryption you can choose depend on the type of user authentication. (See

page 72

for information about this.)

Table 21

Types of Encryption for Each Type of Authentication

NO AUTHENTICATION

RADIUS SERVER

Weakest

No Security

WPA

Static WEP

WPA-PSK

Strongest

WPA2-PSK

WPA2