NETGEAR WPN802 manual WPA/WPA2 Data Encryption Key Management

Page 68

Reference Manual for the NETGEAR RangeMax™ Wireless Access Point WPN802

3.The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point. The access point blocks all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the client's identity using an authentication server (for example, RADIUS).

4.The authentication server uses a specific authentication algorithm to verify the client's identity. This could be through the use of digital certificates or some other EAP authentication type.

5.The authentication server will either send an accept or reject message to the access point.

6.The access point sends an EAP-success packet (or reject packet) to the client.

7.If the authentication server accepts the client, then the access point will transition the client's port to an authorized state and forward additional traffic.

The important part to know at this point is that the software supporting the specific EAP type resides on the authentication server and within the operating system or application “supplicant” software on the client devices. The access point acts as a “pass through” for 802.1x messages, which means that you can specify any EAP type without needing to upgrade an 802.1x-compliant access point. As a result, you can update the EAP authentication type to such devices as token cards (Smart Cards), Kerberos, one-time passwords, certificates, and public key authentication, or as newer types become available and your requirements for security change.

WPA/WPA2 Data Encryption Key Management

With 802.1x, the rekeying of unicast encryption keys is optional. Additionally, 802.11 and 802.1x provide no mechanism to change the global encryption key used for multicast and broadcast traffic. With WPA/WPA2, rekeying of both unicast and global encryption keys is required.

For the unicast encryption key, the Temporal Key Integrity Protocol (TKIP) changes the key for every frame, and the change is synchronized between the wireless client and the wireless access point (AP). For the global encryption key, WPA includes a facility (the Information Element) for the wireless AP to advertise the changed key to the connected wireless clients.

If configured to implement dynamic key exchange, the 802.1x authentication server can return session keys to the access point along with the accept message. The access point uses the session keys to build, sign and encrypt an EAP key message that is sent to the client immediately after sending the success message. The client can then use contents of the key message to define applicable encryption keys. In typical 802.1x implementations, the client can automatically change encryption keys as often as necessary to minimize the possibility of eavesdroppers having enough time to crack the key in current use.

B-14

Wireless Networking Basics

202-10101-01, May 2005

Page 67 Page 69
Image 68
Page 67 Page 69
Contents NETGEAR, Inc 202-10101-01, May Product and Publication Details 202-10101-01, May Contents Chapter Management and Information Glossary Viii Contents Chapter About This Manual Audience, Scope, Conventions, and FormatsHow to Use This Manual How to Print this ManualPrinting the Full Manual 202-10101-01, May RangeMax Multi-In, Multi-Out Mimo Technology Key FeaturesChapter Introduction 802.11g Wireless Networking Autosensing Ethernet Connections with Auto UplinkPackage Contents Front Panel Status Lights Rear Panel202-10101-01, May 202-10101-01, May Chapter Basic Installation and Configuration Default Factory SettingsSystem Requirements Prepare to Install Your Wireless Access PointFirst, Connect the Wireless Access Point to Your Computer WPN802 connected to a computer during configuration Then, Configure the Basic Settings WPN802 SettingsBasic Settings menu Next, Configure the Wireless Settings Wireless Settings menuDeploy the WPN802 and Verify Wireless Connectivity WPN802 placed in a vertical orientationHow to Log In to the WPN802 Using Its Default IP Address Login windowBrowser display the WPN802 settings home 202-10101-01, 4 May Chapter Wireless Configuration Observe Performance, Placement, and Range GuidelinesUnderstanding Wireless Settings Vertical orientation required on metallic surfacesUnderstanding Advanced Wireless Settings Advanced Wireless Settings menu Implementing Appropriate Wireless Security Wireless Data Security Options202-10101-01, 4 May If WPA-PSK Authentication is Used How to Set Up and Test Basic Wireless Connectivity How to Configure WEP or WPA Wireless Settings encryption menu Configuring Advanced Wireless Settings Advanced Wireless SettingsWireless Card Access Restricting by MAC Address Wireless Access Control List screenTurning Access Control On Setting up the Access Control List202-10101-01, 4 May Changing the Password Chapter Management and InformationThen, Upgrade the Firmware Upgrading the Wireless Access Point FirmwareFirst, Prepare for the Firmware Upgrade Backing up Settings or Restoring Settings Upgrade Firmware dialog boxRestoring Factory Default Settings Backing up SettingsRestoring Settings from a Backup File Rebooting the WPN802 Access Point Viewing a List of Available Wireless StationsViewing Statistics Statistics screenChapter Troubleshooting Troubleshooting TipsNo lights are lit on the access point Ethernet light is not litCannot configure the access point from a browser When I enter a URL or IP address I get a timeout errorUsing the Reset Button to Restore Factory Default Settings To clear all data and restore the factory default values202-10101-01, May Appendix a Technical Specifications Power AdapterWireless Infrastructure Mode Appendix B Wireless Networking BasicsWireless Networking Overview Network Name Extended Service Set Identification Essid Authentication and WEP Data EncryptionAd Hoc Mode Peer-to-Peer Workgroup Authentication Open System Authentication802.11b Authentication Open System Steps 802.11b Authentication Shared Key Steps Key Size Wireless Channels WEP Configuration OptionsWPA and WPA2 Wireless Security How Does WPA Compare to WEP? What are the Key Features of WPA and WPA2 Security? How Does WPA Compare to WPA2 Ieee 802.11i?Wireless Networking Basics Figure B-3 WPA/WPA2 Overview Access point replies with an EAP-request identity message WPA/WPA2 Data Encryption Key Management Temporal Key Integrity Protocol Tkip Is WPA/WPA2 Perfect? Product Support for WPA/WPA2Changes to Wireless Access Points Changes to Wireless Client Programs Glossary 802.11e Standard Access Point AP Bridge CSMA/CD Carrier Sense Multiple Action/Collision Detection Essid more commonly referred to as Ssid Short Set Identifier Ieee Institute of Electrical and Electronics Engineers MAC Media Access Control PHY Range Site survey TCP/IP War Driving Wi-Fi Protected Access and Ieee 802.11i Comparison Wi-Fi Protected Access in Mixed Mode Deployment Glossary
Related manuals
Manual 2 pages 30.82 Kb

WPN802 specifications

The NETGEAR WPN802 is an exceptional wireless access point that has made a significant impact on the home networking landscape. Designed to provide robust wireless connectivity, the WPN802 is an 802.11g compliant device, delivering reliable performance at data rates of up to 54 Mbps. This allows users to enjoy seamless Internet access for streaming, gaming, and other bandwidth-intensive applications.

One of the standout features of the NETGEAR WPN802 is its ease of installation and setup. The device is equipped with a user-friendly setup wizard that guides users step by step through the process, making it accessible even for those who may not be tech-savvy. The WPN802 also supports both wired and wireless connections, allowing it to integrate seamlessly into existing network configurations, whether expanding a home network or setting up a new one.

Security is a crucial aspect of any wireless network, and the WPN802 addresses this with several built-in security features. It supports WEP, WPA, and WPA2 encryption protocols, ensuring that data transmitted over the network remains secure from unauthorized access. Additionally, the device provides MAC address filtering, which allows users to control the devices that can connect to the network.

Another significant feature of the NETGEAR WPN802 is its versatility. It can function not only as an access point but also as a wireless bridge or a repeater, enabling users to extend the range of their existing wireless network. This flexibility is particularly valuable in larger homes or offices where coverage may be spotty in certain areas.

The WPN802 also includes Quality of Service (QoS) features that prioritize bandwidth for different applications, ensuring that critical tasks such as video conferencing and online gaming receive the necessary resources for optimal performance. This enhances the overall user experience, especially in environments with multiple connected devices.

In terms of build and design, the NETGEAR WPN802 is compact and lightweight, allowing for easy placement in various locations without being obtrusive. Its stylish exterior ensures it can fit in seamlessly with home or office decor.

In conclusion, the NETGEAR WPN802 is a highly reliable and feature-rich wireless access point that caters to the needs of modern users. With its fast wireless speeds, robust security features, versatile functionality, and user-friendly setup, it remains a commendable choice for anyone looking to enhance their wireless networking experience. Whether used in a residential or small business setting, the WPN802 stands out as a dependable solution that continues to meet the demands of today's connected world.
Top Page Image Contents