Home » ZyXEL Manuals » Networking » ZyXEL G-220 » Manual Viewer

ZyXEL G-220 User Guide - Page 107

WPA(2)-PSK Application Example, WPA(2) with RADIUS Application Example

Get ZyXEL G-220 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 107 highlights

ZyXEL G-220 v2 User's Guide WPA(2)-PSK Application Example A WPA(2)s-PSK application looks as follows. 1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist of between 8 and 63 ASCII characters or 64 hexadecimal characters (including spaces and symbols). 2 The AP checks each client's password and (only) allows it to join the network if it matches its password. 3 The AP and wireless clients use the pre-shared key to generate a common PMK. 4 The AP and wireless clients use the TKIP or AES encryption process to encrypt data exchanged between them. Figure 73 WPA-PSK Authentication WPA(2) with RADIUS Application Example You need the IP address of the RADIUS server, its port number (default is 1812), and the RADIUS shared secret. A WPA(2) application example with an external RADIUS server looks as follows. "A" is the RADIUS server. "DS" is the distribution system. 1 The AP passes the wireless client's authentication request to the RADIUS server. 2 The RADIUS server then checks the user's identification against its database and grants or denies network access accordingly. 3 The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. Appendix D Wireless Security 107

Section	Page
User’s Guide	1
About This User's Guide	3
Document Conventions	4
Safety Warnings	6
Copyright	7
Certifications	8
ZyXEL Limited Warranty	10
Table of Contents	11
List of Figures	15
List of Tables	19
Getting Started	21
1.1 About Your G-220 v2	21
1.2 Application Overview	21
1.2.1 Windows Vista Users	21
1.2.2 Station Mode	21
1.2.2.1 Infrastructure	21
1.2.2.2 Ad-Hoc	22
1.2.3 Access Point Mode	23
1.2.4 Changing G-220 v2 Mode	23
1.3 G-220 v2 Hardware and Utility Installation	24
1.3.1 ZyXEL Utility Icon	24
1.4 Configuration Methods	24
1.4.1 Enabling WZC	24
1.4.2 Accessing the ZyXEL Utility	25
Tutorial	27
2.1 Connecting to a Wireless LAN	27
2.2 Creating and Using a Profile	29
2.3 Configuring the G-220 v2 as an AP	32
Wireless LAN Network	35
3.1 Wireless LAN Overview	35
3.2 Wireless LAN Security	36
3.2.1 Hide SSID	36
3.2.2 MAC Address Filter	36
3.2.3 User Authentication and Encryption	37
3.2.3.1 WEP	37
3.2.3.2 IEEE 802.1x	38
3.2.3.3 WPA and WPA2	38
3.3 WiFi Protected Setup	39
3.3.1 Push Button Configuration	39
3.3.2 PIN Configuration	39
3.3.3 How WPS Works	41
3.3.3.1 Example WPS Network Setup	42
3.3.4 Limitations of WPS	44
3.4 Introduction to OTIST	45
3.4.1 Enabling OTIST	45
3.4.1.1 AP	45
3.4.1.2 Wireless Client	46
3.4.2 Starting OTIST	47
3.4.3 Notes on OTIST	47
Wireless Station Mode Configuration	49
4.1 Wireless Station Mode Overview	49
4.1.1 ZyXEL Utility Screen Summary	49
4.2 The Link Info Screen	50
4.2.1 Trend Chart	51
4.3 The Site Survey Screen	52
4.3.1 Security Settings	53
4.3.1.1 WEP Encryption	54
4.3.1.2 WPA-PSK/WPA2-PSK	55
4.3.1.3 WPA/WPA2	56
4.3.1.4 IEEE 802.1x	57
4.3.2 Confirm Save Screen	59
4.4 The Profile Screen	60
4.4.1 Adding a New Profile	62
4.5 The Adapter Screen	66
4.6 Security Settings in Windows Vista	69
4.6.1 Using PEAP in Vista	69
4.6.2 Using TLS in Vista	70
Access Point Mode Configuration	73
5.1 Access Point Mode Introduction	73
5.1.1 ZyXEL Utility Screen Summary	73
5.1.2 Additional Setup Requirements	74
5.2 The Link Info Screen	74
5.3 The Configuration Screen	75
5.4 The MAC Filter Screen	77
Maintenance	79
6.1 The About Screen	79
6.2 Uninstalling the ZyXEL Utility	79
6.3 Upgrading the ZyXEL Utility	80
Troubleshooting	83
7.1 Problems Starting the ZyXEL Utility	83
7.2 Problem Connecting to an Access Point	83
7.3 Problem with the Link Quality	84
7.4 Problems Communicating With Other Computers	84
Product Specifications	85
Access Point Mode Setup Example	87
Configuring the Computer on Which You Install the G-220 v2	87
Configuring the Wireless Station Computer	89
Management with Wireless Zero Configuration	91
Activating Wireless Zero Configuration	91
Connecting to a Wireless Network	92
Security Settings	95
Association	96
Authentication	97
Ordering the Preferred Networks	100
Wireless Security	103
Types of EAP Authentication	103
EAP-MD5 (Message-Digest Algorithm 5)	103
EAP-TLS (Transport Layer Security)	104
EAP-TTLS (Tunneled Transport Layer Service)	104
PEAP (Protected EAP)	104
LEAP	104
Dynamic WEP Key Exchange	104
WPA and WPA2	105
Encryption	105
User Authentication	106
WPA(2)-PSK Application Example	107
WPA(2) with RADIUS Application Example	107
Security Parameters Summary	108
Setting up Your Computer’s IP Address	109
Windows 95/98/Me	109
Installing Components	110
Configuring	111
Verifying Settings	112
Windows 2000/NT/XP	112
Verifying Settings	116
Macintosh OS 8/9	116
Verifying Settings	118
Macintosh OS X	118
Verifying Settings	119
Customer Support	121

Match case Limit results 1 per page

ZyXEL G-220 v2 User’s Guide

Appendix D Wireless Security

107

WPA(2)-PSK Application Example

A WPA(2)s-PSK application looks as follows.

First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key

(PSK) must consist of between 8 and 63 ASCII characters or 64 hexadecimal characters

(including spaces and symbols).

The AP checks each client's password and (only) allows it to join the network if it

matches its password.

The AP and wireless clients use the pre-shared key to generate a common PMK.

The AP and wireless clients use the TKIP or AES encryption process to encrypt data

exchanged between them.

Figure 73

WPA-PSK Authentication

WPA(2) with RADIUS Application Example

You need the IP address of the RADIUS server, its port number (default is 1812), and the

RADIUS shared secret. A WPA(2) application example with an external RADIUS server

looks as follows. "A" is the RADIUS server. "DS" is the distribution system.

The AP passes the wireless client's authentication request to the RADIUS server.

The RADIUS server then checks the user's identification against its database and grants

or denies network access accordingly.

The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then

sets up a key hierarchy and management system, using the pair-wise key to dynamically

generate unique data encryption keys to encrypt every data packet that is wirelessly

communicated between the AP and the wireless clients.