ZyXEL Communications G-162 EAP-MD5 Message-Digest Algorithm, EAP-TLS Transport Layer Security

Page 71

ZyXEL G-162/G-360 User’s Guide

Appendix A

Types of EAP Authentication

This appendix discusses the five popular EAP authentication types: EAP-MD5, EAP-TLS, EAP-TTLS, PEAP and LEAP. The type of authentication you use depends on the RADIUS server. Consult your network administrator for more information. For the EAP-MD5, please refer to the User’s Guide of Funk Odyssey software.

EAP-MD5 (Message-Digest Algorithm 5)

MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless station. The wireless station ‘proves’ that it knows the password by encrypting the password with the challenge and sends back the information. Password is not sent in plain text.

However, MD5 authentication has some weaknesses. Since the authentication server needs to get the plaintext passwords, the passwords must be stored. Thus someone other than the authentication server may access the password file. In addition, it is possible to impersonate an authentication server as MD5 authentication method does not perform mutual authentication. Finally, MD5 authentication method does not support data encryption with dynamic session key. You must configure WEP encryption keys for data encryption.

EAP-TLS (Transport Layer Security)

With EAP-TLS, digital certifications are needed by both the server and the wireless stations for mutual authentication. The server presents a certificate to the client. After validating the identity of the server, the client sends a different certificate to the server. The exchange of certificates is done in the open before a secured tunnel is created. This makes user identity vulnerable to passive attacks. A digital certificate is an electronic ID card that authenticates the sender’s identity. However, to implement EAP-TLS, you need a Certificate Authority (CA) to handle certificates, which imposes a management overhead.

EAP-TTLS (Tunneled Transport Layer Service)

EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the server-side authentications to establish a secure connection. Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2.

PEAP (Protected EAP)

Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by Cisco.

Appendix A

i

Image 71
Contents ZyXEL G-162/G-360 Trademarks Copyright 2005 by ZyXEL Communications CorporationDisclaimer Online Registration ZyXEL Limited WarrantyFederal Communications Commission FCC Interference Statement Customer Support Table of Contents ZyXEL G-162/G-360 User’s Guide User Guide Feedback About This Users GuideSyntax Conventions Related DocumentationGraphics Icons Key Page About Your ZyXEL G-162/G-360 ZyXEL G-162/G-360 Hardware and Utility InstallationUsing the ZyXEL Utility to Configure Your Network ZyXEL G-162/G-360 User’s Guide Site Survey Label Description Should use the same Ssid whatever your choice is ZyXEL G-162/G-360 User’s Guide ZyXEL G-162/G-360 User’s Guide ZyXEL G-162/G-360 User’s Guide Profile Profile Pool Link Info Link Info Transmit ZyXEL Website AboutChannel Wireless Network ApplicationOverview SsidBSS Example Ad-Hoc IbssInfrastructure Network Example RoamingRoaming Example Wireless LAN SecurityWPA-PSK and WPA2-PSK Application Example Data Encryption with WEPWPA and WPA2 with Radius Application Example WPA-PSK/WPA2-PSK AuthenticationIeee EAP AuthenticationRTS/CTS Threshold Fragmentation ThresholdOtist One Touch Intelligent Security Technology Page About Screen Chapter MaintenanceAbout Uninstalling the ZyXEL UtilityUpgrading the ZyXEL Utility Page Configuring Security Chapter Configuring Wireless SecurityConfiguring WEP ZyXEL G-162/G-360 User’s Guide Configuring WPA-PSK ZyXEL G-162/G-360 User’s Guide Configuring WPA2-PSK ZyXEL G-162/G-360 User’s Guide Configuring WEP-802.1x Configuring WEP-802.1x EAP-LEAP ZyXEL G-162/G-360 User’s Guide Configuring WEP-802.1x EAP-PEAP-MS-CHAPv2 ZyXEL G-162/G-360 User’s Guide Configuring WEP-802.1x PEAP-GTC ZyXEL G-162/G-360 User’s Guide Configuring WEP-802.1x EAP-TLS ZyXEL G-162/G-360 User’s Guide Configuring WPA-802.1x Configuring WPA-802.1x EAP-LEAP ZyXEL G-162/G-360 User’s Guide Configuring WPA-802.1x EAP-PEAP-MS-CHAPv2 ZyXEL G-162/G-360 User’s Guide Configuring WPA-802.1x PEAP-GTC ZyXEL G-162/G-360 User’s Guide Configuring WPA-802.1x EAP-TLS ZyXEL G-162/G-360 User’s Guide Configuring WPA2-802.1x EAP-TLS ZyXEL G-162/G-360 User’s Guide Page Troubleshooting Starting ZyXEL Utility Program Problems Starting the ZyXEL Utility ProgramProblems with Security Settings Problems with LED StatusProblems with the Link Status Troubleshooting Communication Problems Problems Communicating With Other ComputersPage Peap Protected EAP EAP-TTLS Tunneled Transport Layer ServiceEAP-MD5 Message-Digest Algorithm EAP-TLS Transport Layer SecurityLeap Comparison of EAP Authentication Types

G-162, G-360 specifications

ZyXEL Communications is recognized for its innovative networking solutions, and among its notable products are the G-162 and G-360 wireless USB adapters. These devices empower users to connect to wireless networks while delivering robust performance and reliability.

The ZyXEL G-162 is a compact USB adapter designed to provide wireless connectivity to laptops or desktop computers. It supports the IEEE 802.11b/g standards, which ensures compatibility with a wide range of wireless networks. Featuring a sleek design, the G-162 is easy to install, with a plug-and-play capability that enables users to quickly connect to their networks without complex setup procedures. This device operates in the 2.4 GHz frequency band, delivering a maximum wireless speed of up to 54 Mbps, making it suitable for tasks such as web browsing, email, and streaming audio and video.

On the other hand, the ZyXEL G-360 takes connectivity a step further by integrating both wireless and Ethernet connectivity options. Similar to the G-162, it also adheres to the 802.11b/g standards. However, the G-360 provides an additional Ethernet port, which allows users to connect devices that require a wired connection, ensuring flexible networking setups. The G-360 is equipped with advanced security features, including WPA/WPA2 encryption, ensuring that data is transmitted securely across the network.

Both the G-162 and G-360 are designed with user convenience in mind. They come with drive support for various operating systems, including Windows and Mac, making them versatile for different user environments. The compact form factor of these USB adapters means they can be easily transported, allowing users to maintain internet connectivity while on the move.

The build quality of ZyXEL devices is commendable, as they are engineered for durability and long-term use. Moreover, their performance in terms of range and signal stability is enhanced by intelligent antenna placement and power management features, ensuring a reliable connection in various settings.

In conclusion, the ZyXEL G-162 and G-360 are excellent choices for users seeking efficient wireless connectivity solutions. With their extensive features, security protocols, and user-friendly design, these devices highlight ZyXEL’s commitment to improving connectivity and enhancing the user experience in the ever-evolving digital landscape. Whether for home or office use, these wireless USB adapters stand as a testament to ZyXEL's innovation in communication technology.