ZyXEL P-2601HN-F1 User Guide - Page 308
Dynamic WEP Key Exchange, WPA and WPA2, Note: EAP-MD5 cannot be used with Dynamic WEP Key Exchange
View all ZyXEL P-2601HN-F1 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 308 highlights
Appendix D Wireless LANs Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed. If this feature is enabled, it is not necessary to configure a default encryption key in the wireless security configuration screen. You may still configure and store keys, but they will not be used while dynamic WEP is enabled. Note: EAP-MD5 cannot be used with Dynamic WEP Key Exchange For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption. They are often deployed in corporate environments, but for public deployment, a simple user name and password pair is more practical. The following table is a comparison of the features of authentication types. Table 92 Comparison of EAP Authentication Types EAP-MD5 EAP-TLS EAP-TTLS Mutual Authentication No Yes Yes Certificate - Client No Yes Optional Certificate - Server No Yes Yes Dynamic Key Exchange No Yes Yes Credential Integrity None Strong Strong Deployment Difficulty Easy Hard Moderate Client Identity Protection No No Yes PEAP Yes Optional Yes Yes Strong Moderate Yes LEAP Yes No No Yes Moderate Moderate No WPA and WPA2 Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA or WPA2 and WEP are improved data encryption and user authentication. If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption. If you don't have an external RADIUS server, you should use WPA2-PSK (WPA2-Pre-Shared Key) that only requires a single (identical) password entered into each access point, wireless gateway and wireless client. As long as the passwords match, a wireless client will be granted access to a WLAN. 308 P-2601HN(L)-F1 Series User's Guide