NETGEAR WPN111 user manual 202-10076-01

Page 64

User Manual for the NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111

The AP sends Beacon Frames with WPA information element to the stations in the service set. Information elements include the required authentication method (802.1x or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES). Probe Responses (AP to station) and Association Requests (station to AP) also contain WPA information elements.

1.Initial 802.1x communications begin with an unauthenticated supplicant (i.e., client device) attempting to connect with an authenticator (i.e., 802.11 access point). The client sends an EAP-start message. This begins a series of message exchanges to authenticate the client.

2.The access point replies with an EAP-request identity message.

3.The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point. The access point blocks all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the client's identity using an authentication server (e.g., RADIUS).

4.The authentication server uses a specific authentication algorithm to verify the client's identity. This could be through the use of digital certificates or some other EAP authentication type.

5.The authentication server will either send an accept or reject message to the access point.

6.The access point sends an EAP-success packet (or reject packet) to the client.

7.If the authentication server accepts the client, then the access point will transition the client's port to an authorized state and forward additional traffic.

The important part to know at this point is that the software supporting the specific EAP type resides on the authentication server and within the operating system or application “supplicant” software on the client devices. The access point acts as a “pass through” for 802.1x messages, which means that you can specify any EAP type without needing to upgrade an 802.1x-compliant access point. As a result, you can update the EAP authentication type to such devices as token cards (Smart Cards), Kerberos, one-time passwords, certificates, and public key authentication or as newer types become available and your requirements for security change.

IEEE 802.1x offers an effective framework for authenticating and controlling user traffic to a protected network, as well as providing a vehicle for dynamically varying data encryption keys via EAP from a RADIUS server, for example. This framework enables using a central authentication server, which employs mutual authentication so that a rogue wireless user does not join the network.

It's important to note that 802.1x doesn't provide the actual authentication mechanisms. When using 802.1x, the EAP type, such as Transport Layer Security (EAP-TLS) or EAP Tunneled Transport Layer Security (EAP-TTLS) defines how the authentication takes place.

B -1 8

W ire le ss N e tworkin g B a sics

202-10076-01

Image 64
Contents NETGEAR, I n c Technical Support FCC Information to User Teste d to C om p ly Ta n d a rd sContents Troubleshooting Index Viii Chapter About This Manual Audience, Scope, ConventionsHow to Print this Manual Chapter Introduction Key FeaturesAbout the WPN111 Road Map for ‘How to Get There From Here’ What’s in the Box?On n e ct to a E n tify th e Wire le ss n e twork Wire le ssWire le ss n etwork To le a rn a b ou t wire le ssCtiva te m y Ve rify m y n e twork Ca b le or D S L se rvice TworkCon n e ction Rovid e rs For you r ve rsion of W in d ows Rowse r su ch a sWire le ss a n d Twork Con n e ct to th e wire le ss Wire d n etworkE P C I a m u sin g to Igh b orh oodWire le ss a n d Com p u te r su p p ort grou p s Com b in e dTwork n e e d s to b e D P rin t S h a rin gWhat You Need Before You Begin Chapter Basic SetupVerifying System Requirements Two Basic Operating Modes Observing Location and Range GuidelinesWPN111 Default Wireless Configuration Settings Basic Installation InstructionsClick Install Driver and Utility For Windows XP Users Installing a WPN111Sta llS h ie ld W iza rd V1 typ e Ort, youIs 1 4 M b p s wh e re a s th e With a W in d ows X P L ogo te stin gTh e se Ste p s, click th e H e lp b u tton in th e W P N 1 1202-10076-01 For Windows 2000 Users Installing a WPN111 N 1 1 1 R e sou rce C D Sta llS h ie ld W iza rdSp e e d is 1 Ou n d N e w H a rd wa re W iza rdOrt is 4 8 0 M b p s N 1 1 1 S yste m Tra y I con Tility Interpreting the LED on the WPN111 WPN111 Wireless Connection IndicatorsOr re se t Interpreting System Tray Icon Colors Understanding the Configuration Options Chapter ConfigurationUsing Configuration Profiles How to Configure an Infrastructure Mode Profile Connecting to an Access Point in Infrastructure ModeRun the WPN111 Configuration Utility Configure the wireless Network settings Save your settings in a ProfileHow to Configure an Ad-hoc Mode Profile Connecting to Another PC in Ad-hoc ModeVerify wireless connectivity to your network Configure the PC network settings Windows Run program dialog boxHow to Start a Computer-to-Computer Ad-Hoc Network Ping test resultsEnabling Wireless Security Features How to Configure WEP Encryption Security Configure the Security settingsHow to Configure WPA-PSK Encryption Security Statistics Advanced SecurityAdvanced Settings Advanced Settings202-10076-01 Chapter Troubleshooting Basic TipsFrequently Asked Questions General QuestionsNew Hardware Wizard appears after installation has completed Rou b le s h ootin g Appendix a Technical Specifications Ch n ica l S p e cifica tion s Wireless Networking Overview Appendix B Wireless Networking BasicsInfrastructure Mode Network Name Extended Service Set Identification Essid Ad Hoc Mode Peer-to-Peer WorkgroupWireless Channels 802.11b/g Wireless Channels Re qu e n cy G H z 5 5 2 5 5 2 For U SFor C a n a d a W for E u rop eWPN111 user can use thirteen channels in non-turbomode 152 Wireless Security Overview160 WEP Authentication WEP Overview802.1x Cisco LeapAuthentication Open System Steps WEP Keys Bit WEPHow to Use WEP Parameters WEP Key Configuration802.1x Port Based Network Access Control Figure B-4 802.1x authentication WPA Wireless Security How Does WPA Compare to WEP? What are the Key Features of WPA Security? How Does WPA Compare to Ieee 802.11i?Figure B-5 WPA Overview Figure B-6 WPA/802.1x Authentication Sequence 202-10076-01 Temporal Key Integrity Protocol Tkip WPA Data Encryption Key ManagementMichael Product Support for WPA Is WPA Perfect?AES Support Wireless network adapters Wireless client programs 202-10076-01 Appendix C Preparing Your PCs for Network Access Configuring Windows 98 and Me for TCP/IP NetworkingInstall or Verify Windows Networking Components Preparing Your Computers for TCP/IP NetworkingRe p a rin g Y ou r P C s for N e twork a cce ss Enabling Dhcp in Windows 98 and Me Choose Settings, and then Control PanelLocate your Network Neighborhood icon Primary Network Logon is set to Windows logon Selecting Windows’ Internet Access Method Verifying TCP/IP PropertiesConfiguring Windows 2000 or XP for TCP/IP Networking Dhcp Configuration of TCP/IP in Windows XP or Dhcp Configuration of TCP/IP in Windows XPTCP/IP details are presented on Support tab Dhcp Configuration of TCP/IP in Windows Verify that Obtain an IP addressObtain an IP address automatically is selected Verifying TCP/IP Properties for Windows XP or 202-10076-01 Glossary DSL Internet service provider Ssid Wins 202-10076-01 Index Numerics
Related manuals
Manual 87 pages 60.77 Kb