NETGEAR WG302 manual Wireless Networking Basics

Page 87

Reference Manual for the NETGEAR ProSafe Wireless Access Point 802.11g WG302

The primary information conveyed in the Beacon frames is the authentication method and the cipher suite. Possible authentication methods include 802.1X and Pre-shared key. Pre-shared key is an authentication method that uses a statically configured pass phrase on both the stations and the access point. This obviates the need for an authentication server, which in many home and small office environments will not be available nor desirable. Possible cipher suites include: WEP, TKIP, and AES (Advanced Encryption Standard). We talk more about TKIP and AES when addressing data privacy below.

•Authentication. EAP over 802.1X is used for authentication. Mutual authentication is gained by choosing an EAP type supporting this feature and is required by WPA. 802.1X port access control prevents full access to the network until authentication completes. 802.1X EAPOL-Key packets are used by WPA to distribute per-session keys to those stations successfully authenticated.

The supplicant in the station uses the authentication and cipher suite information contained in the information elements to decide which authentication method and cipher suite to use. For example, if the access point is using the pre-shared key method then the supplicant need not authenticate using full-blown 802.1X. Rather, the supplicant must simply prove to the access point that it is in possession of the pre-shared key. If the supplicant detects that the service set does not contain a WPA information element then it knows it must use pre-WPA 802.1X authentication and key management in order to access the network.

•Key management. WPA features a robust key generation/management system that integrates the authentication and data privacy functions. Keys are generated after successful authentication and through a subsequent 4-way handshake between the station and Access Point (AP).

•Data Privacy (Encryption). Temporal Key Integrity Protocol (TKIP) is used to wrap WEP in sophisticated cryptographic and security techniques to overcome most of its weaknesses.

•Data integrity. TKIP includes a message integrity code (MIC) at the end of each plaintext message to ensure messages are not being spoofed.

Wireless Networking Basics

B-11

September 2004

Image 87

Contents September Technical Support Placement and Range Guidelines Declaration of Conformity Industry Canada Compliance Statement September Contents Chapter Management Appendix a Specifications Contents Audience, Versions, Conventions Chapter About This ManualHtml version of this manual How to Use this ManualHow to Print this Manual About This Manual Chapter Introduction Supported Standards and Conventions Key FeaturesAutoCell-The Self-Organizing Wireless Network 802.11g Standards-based Wireless Networking Autosensing Ethernet Connections with Auto UplinkCompatible and Related Netgear Products What’s In the Box? System RequirementsHardware Description Following table explains the LED indicatorsLED Description This socket connects to the WG302 12V 1.2A power adapter WG302 provides two detachable antennaMale DB-9 serial port for serial DTE connections Introduction Observing Placement and Range Guidelines Chapter Basic Installation and ConfigurationCabling Requirements Feature Factory Default Settings Default Factory SettingsLUHOHVVDWD 6HFXULW\2SWLRQV Understanding WG302 Wireless Security OptionsSET UP the WG302 Access Point Installing the WG302 Access PointLogin window Login result WG302 home Web browser will then display the WG302 settingsBasic Settings menu Configure the settings appropriate for your networkDeploy the WG302 Access Point Verify Wireless Connectivity How to Log In to the WG302 Using Its Default IP Address Understanding Basic Wireless Settings Basic Installation and Configuration Understanding WEP/WPA Security Options Wireless Security Settings Field Description Security Encryption Field Description WPA-PSK Wi-Fi Key Before You Change the Ssid and WEP SettingsHow to Set Up and Test Basic Wireless Connectivity Select the Turn Access Control On check box How to Restrict Wireless Access by MAC AddressHow to Configure WEP To configure WEP data encryption, follow these stepsClick Apply to save your settings How to Configure WPA-PSK How to Configure WPA10 Wireless Settings menu Using the Basic IP Settings OptionsAccess Point Name NetBIOS Time Zone Select the time zone location for your settingChapter Management Using the Secure Telnet InterfaceHow to Use the CLI via the Console Port These settings appear below the connector on the back panelPress the return key, and the screen below should appear CLI CommandsSyslog and Activity Log information Using Syslog and Activity Log InformationThis screen shows the following parameters Viewing General, Log, Station, and Statistical InformationField Description StatisticsWireless Access Point Status screen Statistics Fields Viewing a List of Attached Devices Upgrading the Wireless Access Point SoftwareConfiguration File Management Settings Backup menu Saving and Retrieving the ConfigurationRestoring the WG302 to the Factory Default Settings Using the Reset Button to Restore Factory Default SettingsChanging the Administrator Password Set Password menu Management Understanding Advanced IP Settings for Wireless Clients Chapter Advanced ConfigurationAutoCell RF Management Understanding Advanced Wireless SettingsAutoCell RF management is enabled by default ConfigurationAdditional AutoCell View Management Options Table below describes the advanced wireless parameters Configuring Wireless LAN ParametersAdvanced Wireless Settings Access Point Mode settings Enabling Wireless Bridging and RepeatingPoint-to-Point Bridge How to Configure a WG302 as a Point-to-Point BridgeConfigure the Operating Mode WG302 AP1 on LAN How to Configure MultiHow to Configure Wireless Repeating Advanced Configuration No lights are lit on the access point Chapter TroubleshootingLAN light is not lit Wireless LAN activity light does not light upWhen I enter a URL or IP address I get a timeout error Cannot connect to the WG302 to configure itUsing the Reset Button to Restore Factory Default Settings Specifications for the WG302 Appendix a SpecificationsSpecifications This chapter provides an overview of Wireless networking Appendix B Wireless Networking BasicsWireless Networking Overview Infrastructure ModeAuthentication and WEP Data Encryption Ad Hoc Mode Peer-to-Peer WorkgroupNetwork Name Extended Service Set Identification Essid Open System Authentication Authentication$XWKHQWLFDWLRQ6WHSV Shared Key AuthenticationSends Iteback TOO!0 Overview of WEP ParametersKey Size WEP Configuration Options Wireless ChannelsWPA Wireless Security How Does WPA Compare to WEP? How Does WPA Compare to Ieee 802.11i? What are the Key Features of WPA Security?Wireless Networking Basics Figure B-3 WPA Overview Figure B-4 802.1x Authentication Sequence Access point replies with an EAP-request identity messageWPA Data Encryption Key Management Temporal Key Integrity Protocol Tkip Product Support for WPA Is WPA Perfect?Open system, then 802.1x supplicant EAP or preshared key Open system, then 802.1x EAP with Radius or preshared keyChanges to Wireless Client Programs Command Sets Appendix C Command Line ReferenceCommand Line Reference Command Line Reference Command Line Reference Glossary Dhcp DSL Internet service provider Radius TLS Wins Glossary Numerics IndexWEP B-3

Related manuals

Manual 34 pages 38.47 Kb