ZyXEL G-302 v3 User Guide - Page 34

Data Encryption with WEP, IEEE 802.1x

Get ZyXEL G-302 v3 PDF manuals and user guides View all ZyXEL G-302 v3 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 34 highlights

ZyXEL G-302 v3 User's Guide 2.2.1 Data Encryption with WEP WEP (Wired Equivalent Privacy) encryption scrambles all data packets transmitted between the G-302 v3 and the AP or other wireless stations to keep network communications private. Both the wireless stations and the access points must use the same WEP key for data encryption and decryption. There are two ways to create WEP keys in your G-302 v3. • Automatic WEP key generation based on a "password phrase" called a passphrase. The passphrase is case sensitive. You must use the same passphrase for all WLAN adapters with this feature in the same WLAN. For WLAN adapters without the passphrase feature, you can still take advantage of this feature by writing down the four automatically generated WEP keys from the Security Settings screen of the ZyXEL utility and entering them manually as the WEP keys in the other WLAN adapter(s). • Enter the WEP keys manually. Your G-302 v3 allows you to configure up to four 64-bit or 128-bit WEP keys and only one key is used as the default key at any one time. 2.2.2 IEEE 802.1x The IEEE 802.1x standard outlines enhanced security methods for both the authentication of wireless stations and encryption key management. Authentication can be done using an external RADIUS server. 2.2.2.1 EAP Authentication EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE 802.1x transport mechanism in order to support multiple types of user authentication. By using EAP to interact with an EAP-compatible RADIUS server, an access point helps a wireless station and a RADIUS server perform authentication. The type of authentication you use depends on the RADIUS server and an intermediary AP(s) that supports IEEE 802.1x. The G-302 v3 supports EAP-TLS, EAP-TTLS and EAP-PEAP. Refer to Appendix C on page 69 for descriptions. For EAP-TLS authentication type, you must first have a wired connection to the network and obtain the certificate(s) from a certificate authority (CA). A certificate (also called digital IDs) can be used to authenticate users and a CA issues certificates and guarantees the identity of each certificate owner. 30 Chapter 2 Wireless LAN Network

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
ZyXEL G-302 v3 User’s Guide
30
Chapter 2 Wireless LAN Network
2.2.1
Data Encryption with WEP
WEP (Wired Equivalent Privacy) encryption scrambles all data packets transmitted between
the G-302 v3 and the AP or other wireless stations to keep network communications private.
Both the wireless stations and the access points must use the same WEP key for data
encryption and decryption.
There are two ways to create WEP keys in your G-302 v3.
Automatic WEP key generation based on a “password phrase” called a passphrase. The
passphrase is case sensitive. You must use the same passphrase for all WLAN adapters
with this feature in the same WLAN.
For WLAN adapters without the passphrase feature, you can still take advantage of this
feature by writing down the four automatically generated WEP keys from the
Security
Settings
screen of the ZyXEL utility and entering them manually as the WEP keys in the
other WLAN adapter(s).
Enter the WEP keys manually.
Your G-302 v3 allows you to configure up to four 64-bit or 128-bit WEP keys and only
one key is used as the default key at any one time.
2.2.2
IEEE 802.1x
The IEEE 802.1x standard outlines enhanced security methods for both the authentication of
wireless stations and encryption key management. Authentication can be done using an
external RADIUS server.
2.2.2.1
EAP Authentication
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the
IEEE 802.1x transport mechanism in order to support multiple types of user authentication. By
using EAP to interact with an EAP-compatible RADIUS server, an access point helps a
wireless station and a RADIUS server perform authentication.
The type of authentication you use depends on the RADIUS server and an intermediary AP(s)
that supports IEEE 802.1x. The G-302 v3 supports EAP-TLS, EAP-TTLS and EAP-PEAP.
Refer to
Appendix C on page 69
for descriptions.
For EAP-TLS authentication type, you must first have a wired connection to the network and
obtain the certificate(s) from a certificate authority (CA). A certificate (also called digital IDs)
can be used to authenticate users and a CA issues certificates and guarantees the identity of
each certificate owner.