ZyXEL NWD-370N User Guide - Page 33

IEEE 802.1x, 2.1.3, WPA and WPA2

Get ZyXEL NWD-370N PDF manuals and user guides View all ZyXEL NWD-370N manuals
Add to My Manuals
Save this manual to your list of manuals

Page 33 highlights

ZyXEL NWD-370N User's Guide Your NWD-370N allows you to configure up to four 64-bit, 128-bit or 152-bit WEP keys. Only one key is used as the default key at any one time. 3.2.1.1.2 Authentication Type The IEEE 802.11b/g standard describes a simple authentication method between the wireless stations and AP. Three authentication types are defined: Auto, Open and Shared. • Open mode is implemented for ease-of-use and when security is not an issue. The wireless station and the AP or peer computer do not share a secret key. Thus the wireless stations can associate with any AP or peer computer and listen to any transmitted data that is not encrypted. • Shared mode involves a shared secret key to authenticate the wireless station to the AP or peer computer. This requires you to enable the wireless LAN security and use same settings on both the wireless station and the AP or peer computer. • Auto authentication mode allows the NWD-370N to switch between the open system and shared key modes automatically. Use the auto mode if you do not know the authentication mode of the other wireless stations. 3.2.1.2 IEEE 802.1x The IEEE 802.1x standard outlines enhanced security methods for both the authentication of wireless stations and encryption key management. Authentication can be done using an external RADIUS server. 3.2.1.2.1 EAP Authentication EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE 802.1x transport mechanism in order to support multiple types of user authentication. By using EAP to interact with an EAP-compatible RADIUS server, an access point helps a wireless station and a RADIUS server perform authentication. The type of authentication you use depends on the RADIUS server and an intermediary AP(s) that supports IEEE 802.1x. The NWD-370N supports EAP-TLS, EAP-TTLS and EAP-PEAP. Refer to Appendix C on page 71 for descriptions. For EAP-TLS authentication type, you must first have a wired connection to the network and obtain the certificate(s) from a certificate authority (CA). Certificates (also called digital IDs) can be used to authenticate users and a CA issues certificates and guarantees the identity of each certificate owner. 3.2.1.3 WPA and WPA2 Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA(2) and WEP are improved data encryption and user authentication. Chapter 3 Wireless LAN Network 33

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
ZyXEL NWD-370N User’s Guide
Chapter 3 Wireless LAN Network
33
Your NWD-370N allows you to configure up to four 64-bit, 128-bit or 152-bit WEP keys.
Only one key is used as the default key at any one time.
3.2.1.1.2
Authentication Type
The IEEE 802.11b/g standard describes a simple authentication method between the wireless
stations and AP. Three authentication types are defined:
Auto
,
Open
and
Shared
.
Open mode is implemented for ease-of-use and when security is not an issue. The
wireless station and the AP or peer computer do not share a secret key. Thus the wireless
stations can associate with any AP or peer computer and listen to any transmitted data
that is not encrypted.
Shared mode involves a shared secret key to authenticate the wireless station to the AP or
peer computer. This requires you to enable the wireless LAN security and use same
settings on both the wireless station and the AP or peer computer.
Auto authentication mode allows the NWD-370N to switch between the open system and
shared key modes automatically. Use the auto mode if you do not know the authentication
mode of the other wireless stations.
3.2.1.2
IEEE 802.1x
The IEEE 802.1x standard outlines enhanced security methods for both the authentication of
wireless stations and encryption key management. Authentication can be done using an
external RADIUS server.
3.2.1.2.1
EAP Authentication
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the
IEEE 802.1x transport mechanism in order to support multiple types of user authentication. By
using EAP to interact with an EAP-compatible RADIUS server, an access point helps a
wireless station and a RADIUS server perform authentication.
The type of authentication you use depends on the RADIUS server and an intermediary AP(s)
that supports IEEE 802.1x. The NWD-370N supports EAP-TLS, EAP-TTLS and EAP-PEAP.
Refer to
Appendix C on page 71
for descriptions.
For EAP-TLS authentication type, you must first have a wired connection to the network and
obtain the certificate(s) from a certificate authority (CA). Certificates (also called digital IDs)
can be used to authenticate users and a CA issues certificates and guarantees the identity of
each certificate owner.
3.2.1.3
WPA and WPA2
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE
802.11i) is a wireless security standard that defines stronger encryption, authentication and
key management than WPA.
Key differences between WPA(2) and WEP are improved data encryption and user
authentication.