Home » ZyXEL Manuals » Bridges & Routers » ZyXEL NBG6615 » Manual Viewer

ZyXEL NBG6615 User Guide - Page 194

WPA2-PSK Application Example, WPA2 with RADIUS Application Example

Add to My Manuals
Save this manual to your list of manuals

Page 194 highlights

Appendix D Wireless LANs 3 A 256-bit Pairwise Master Key (PMK) is derived from the authentication process by the RADIUS server and the client. 4 The RADIUS server distributes the PMK to the AP. The AP then sets up a key hierarchy and management system, using the PMK to dynamically generate unique data encryption keys. The keys are used to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. Figure 127 WPA(2) with RADIUS Application Example WPA(2)-PSK Application Example A WPA(2)-PSK application looks as follows. 1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist of between 8 and 63 ASCII characters or 64 hexadecimal characters (including spaces and symbols). 2 The AP checks each wireless client's password and allows it to join the network only if the password matches. 3 The AP and wireless clients generate a common PMK (Pairwise Master Key). The key itself is not sent over the network, but is derived from the PSK and the SSID. 4 The AP and wireless clients use the TKIP or AES encryption process, the PMK and information exchanged in a handshake to create temporal encryption keys. They use these keys to encrypt data exchanged between them. NBG6615's User's Guide 194

Section	Page
NBG6615	1
Contents Overview	3
Table of Contents	4
User’s Guide	10
Introduction	11
1.1 Overview	11
1.2 Securing the NBG6615	12
1.3 LEDs	13
1.4 The WPS Button	13
1.4.1 Using the WPS Button	14
1.5 Reboot/Reset Button	14
1.6 Wall Mounting	14
The Web Configurator	16
2.1 Overview	16
2.2 Accessing the Web Configurator	16
2.3 Resetting the NBG6615	18
Connection Wizard	20
3.1 Wizard Setup	20
3.1.1 Static IP Connection	22
3.1.2 DHCP Client	22
3.1.3 PPPoE Connection	23
3.1.4 PPTP Connection	24
Modes	28
4.1 Overview	28
4.2 Setting your NBG6615 to Router Mode	29
4.2.1 Status Screen (Router Mode)	29
4.2.2 Router Mode Navigation Panel	33
4.3 Setting your NBG6615 to AP Mode	34
4.3.1 Status Screen (AP Mode)	35
4.3.2 AP Navigation Panel	37
Tutorials	39
5.1 Overview	39
5.2 How to Connect to the Internet from an AP	39
5.3 Configure Wireless Security Using WPS on both your NBG6615 and Wireless Client	39
5.3.1 Push Button Configuration	40
5.3.2 PIN Configuration	41
5.4 Enable and Configure Wireless Security without WPS on your NBG6615	43
5.4.1 Configure Your Wireless Client	44
5.5 Using Multiple SSIDs on the NBG6615	46
5.5.1 Configuring Security Settings of Multiple SSIDs	47
5.6 Installing UPnP in Windows 7 Example	50
5.7 Using Bandwidth Management on the NBG6615	50
Technical Reference	53
Wireless LAN	54
6.1 Overview	54
6.2 What You Can Do	54
6.3 What You Should Know	55
6.3.1 Wireless Security Overview	55
6.3.2 MBSSID	55
6.3.3 MAC Address Filter	56
6.3.4 Encryption	56
6.3.5 WPS	56
6.4 General Wireless LAN Screen	57
6.4.1 No Security	58
6.4.2 WPA2-PSK or WPA-PSK/WPA2-PSK	58
6.5 MAC Filter	59
6.6 Wireless LAN Advanced Screen	60
6.7 WPS Screen	61
6.8 WPS Station Screen	63
6.9 Scheduling Screen	63
6.10 MBSSID Screen	64
WAN	67
7.1 Overview	67
7.2 What You Need To Know	67
7.2.1 Configuring Your Internet Connection	67
7.3 Internet Connection Screen	68
7.3.1 Static IP	68
7.3.2 DHCP Client	70
7.3.3 PPPoE Connection	71
7.3.4 PPTP Connection	73
7.4 Advanced Screen	75
LAN	77
8.1 Overview	77
8.2 What You Need To Know	77
8.2.1 IP Address and Subnet Mask	78
8.2.2 DNS Server Address Assignment	78
8.2.3 IP Pool Setup	79
8.2.4 LAN TCP/IP	79
8.3 LAN IP Screen	79
DHCP Server	81
9.1 Overview	81
9.2 What You Can Do	81
9.3 What You Need To Know	81
9.4 General Screen	81
9.5 Static DHCP Screen	82
9.6 Client List Screen	83
Network Address Translation	85
10.1 Overview	85
10.2 What You Can Do	85
10.2.1 What You Need To Know	86
10.3 General NAT Screen	87
10.4 NAT Application Screen	88
10.5 Port Triggering Screen	90
10.6 Technical Reference	91
10.6.1 NAT Port Forwarding: Services and Port Numbers	92
10.6.2 NAT Port Forwarding Example	92
10.6.3 Trigger Port Forwarding	92
10.6.4 Trigger Port Forwarding Example	93
10.6.5 Two Points To Remember About Trigger Ports	93
Dynamic DNS	94
11.1 Overview	94
11.2 Dynamic DNS Screen	94
Static Route	96
12.1 Overview	96
12.2 IP Static Route Screen	96
Firewall	99
13.1 Overview	99
13.2 What You Can Do	99
13.3 What You Need To Know	100
13.3.1 About the NBG6615 Firewall	100
13.3.2 VPN Pass Through Features	100
13.4 General Firewall Screen	100
13.5 Services Screen	101
13.6 MAC Filter Screen	102
Content Filter	104
14.1 Overview	104
14.2 What You Can Do	104
14.3 Filter Screen	104
Remote Management	106
15.1 Overview	106
15.1.1 Remote Management Limitations	107
15.1.2 Remote Management and NAT	107
15.1.3 System Timeout	107
15.2 WWW Screen	107
Universal Plug-and-Play (UPnP)	109
16.1 Overview	109
16.2 What You Need to Know	109
16.3 Configuring UPnP	110
16.4 Installing UPnP in Windows 7 Example	110
16.4.1 Using UPnP in Windows XP Example	112
16.4.2 Web Configurator Easy Access	114
Bandwidth MGMT	117
17.1 Overview	117
17.2 What You Can Do	117
17.3 What You Need To Know	117
17.4 Bandwidth MGMT Screen	117
17.5 Advanced Screen	118
System	120
18.1 Overview	120
18.2 What You Can Do	120
18.3 System General Screen	120
18.4 Time Setting Screen	121
Logs	123
19.1 Overview	123
19.2 What You Need to Know	123
19.3 View Log Screen	123
Tools	125
20.1 Overview	125
20.2 What You Can Do	125
20.3 Firmware Upload Screen	125
20.4 Configuration Screen	127
20.4.1 Backup Configuration	127
20.4.2 Restore Configuration	127
20.4.3 Back to Factory Defaults	128
20.5 Restart Screen	128
Sys OP Mode	130
21.1 Overview	130
21.2 General Screen	130
Language	132
22.1 Language Screen	132
Troubleshooting and Appendices	133
Troubleshooting	134
23.1 Power, Hardware Connections, and LEDs	134
23.2 NBG6615 Access and Login	135
23.3 Internet Access	136
23.4 Resetting the NBG6615 to Its Factory Defaults	137
23.5 Wireless Problems	138
IP Addresses and Subnetting	139
Pop-up Windows, JavaScripts and Java Permissions	148
Setting Up Your Computer’s IP Address	157
Wireless LANs	184
Common Services	197
Legal Information	200
Customer Support	207

Match case Limit results 1 per page

Appendix D Wireless LANs

NBG6615’s User’s Guide

194

A 256-bit Pairwise Master Key (PMK) is derived from the authentication process by the RADIUS server and

the client.

The RADIUS server distributes the PMK to the AP. The AP then sets up a key hierarchy and management

system, using the PMK to dynamically generate unique data encryption keys. The keys are used to

encrypt every data packet that is wirelessly communicated between the AP and the wireless clients.

Figure 127

WPA(2) with RADIUS Application Example

WPA(2)-PSK Application Example

A WPA(2)-PSK application looks as follows.

First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist

of between 8 and 63 ASCII characters or 64 hexadecimal characters (including spaces and symbols).

The AP checks each wireless client's password and allows it to join the network only if the password

matches.

The AP and wireless clients generate a common PMK (Pairwise Master Key). The key itself is not sent over

the network, but is derived from the PSK and the SSID.

The AP and wireless clients use the TKIP or AES encryption process, the PMK and information exchanged

in a handshake to create temporal encryption keys. They use these keys to encrypt data exchanged

between them.