NETGEAR WAG302 manual Is WPA Perfect?, Product Support for WPA

Page 106

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302

Is WPA Perfect?

WPA is not without its vulnerabilities. Specifically, it is susceptible to denial of service (DoS) attacks. If the access point receives two data packets that fail the message integrity code (MIC) within 60 seconds of each other, then the network is under an active attack, and as a result, the access point employs counter measures, which include disassociating each station using the access point. This prevents an attacker from gleaning information about the encryption key and alerts administrators, but it also causes users to lose network connectivity for 60 seconds. More than anything else, this may just prove that no single security tactic is completely invulnerable. WPA is a definite step forward in WLAN security over WEP and has to be thought of as a single part of an end-to-end network security strategy.

Product Support for WPA

Starting in August, 2003, NETGEAR, Inc. wireless Wi-Fi certified products will support the WPA standard. NETGEAR, Inc. wireless products that had their Wi-Fi certification approved before August, 2003 will have one year to add WPA so as to maintain their Wi-Fi certification.

WPA requires software changes to the following:

•Wireless access points

•Wireless network adapters

•Wireless client programs

Supporting a Mixture of WPA and WEP Wireless Clients is Discouraged

To support the gradual transition of WEP-based wireless networks to WPA, a wireless AP can support both WEP and WPA clients at the same time. During the association, the wireless AP determines which clients use WEP and which clients use WPA. The disadvantage to supporting a mixture of WEP and WPA clients is that the global encryption key is not dynamic. This is because WEP-based clients cannot support it. All other benefits to the WPA clients, such as integrity, are maintained.

However, a mixed mode supporting WPA and non-WPA clients would offer network security that is no better than that obtained with a non-WPA network, and thus this mode of operation is discouraged.

B-18	Wireless Networking Basics

202-10078-01

Image 106

Contents NETGEAR, Inc Technical Support WAG302 ProSafe Dual Band Wireless Access Point Tested to Comply with FCC StandardsDeclaration of Conformity Industry Canada Compliance Statement Product and Publication Details Contents Chapter Management Appendix a Specifications Appendix C Command Line Reference Audience, Scope, Conventions, and Formats Chapter About This ManualBold How to Use This Manual How to Print this Manual Printing a Page in the Html ViewAbout This Manual About the WAG302 ProSafe Dual Band Wireless Access Point Chapter IntroductionKey Features Supported Standards and ConventionsAutoCell-The Self-Organizing Wireless Network Compatible and Related Netgear Products 802.11a/g Standards-based Wireless NetworkingAutosensing Ethernet Connections with Auto Uplink System Requirements What’s In the Box?Front Panel Hardware Description100 802.11a Wlan Rear Panel802.11g Wlan Serial Console Port Chapter Basic Installation and Configuration Observing Placement and Range GuidelinesCabling Requirements Enabled but Trap forwarding is disabled Default Factory SettingsTime Zone Adjust for Daylight Saving TIme Disabled Secure Telnet EnabledUnderstanding WAG302 Wireless Security Options LUHOHVVDWD 6HFXULW\2SWLRQVInstalling the WAG302 Access Point SET UP the WAG302 Access PointLogin window Web browser will then display the WAG302 General information Basic Settings menu Basic Installation and Configuration Wireless Settings 11a menu Deploy the WAG302 Access Point How to Log In to the WAG302 Using Its Default IP Address Understanding Basic Wireless Settings Wireless Settings 11aBasic Installation and Configuration Wireless Settings 11b/g Basic Installation and Configuration Basic Installation and Configuration 10 WEP/WPA Settings menus for 11a and 11b/g Understanding WEP/WPA Security OptionsBasic Installation and Configuration Before You Change the Ssid and WEP Settings 802.11a Configuration802.11b/g Configuration How to Set Up and Test Basic Wireless Connectivity How to Restrict Wireless Access by MAC Address Access Control 11a menu Access Control 11b/g menuHow to Configure WEP Click Apply to save your settings How to Configure WPA with Radius 13 Radius Server Settings menu 14 WEP/WPA Settings menus for 11a and 11bg How to Configure WPA-PSK 15 WEP/WPA Settings menus for 11a and 11bgUsing the Basic IP Settings Options IP AddressSpanning Tree Protocol Basic Installation and Configuration Chapter Management Remote ManagementUsing the Secure Telnet Interface How to Use the CLI via the Console PortCLI Commands Secure Telnet ClientUsing Syslog and Activity Log Information Syslog and Activity Log informationViewing General and Statistical Information General InformationCurrent IP Settings Field Description Access Point InformationCurrent Wireless Settings 11a Field Description Current Wireless Settings 11b/g Wireless 11a Received/Transmitted Field Description Wired Ethernet Received/TransmittedStatistics Viewing a List of Attached Devices Field Description Wireless 11b/g Received/TransmittedRefresh button Upgrading the Wireless Access Point Software Configuration File ManagementSaving and Retrieving the Configuration Restoring the WAG302 to the Factory Default SettingsUsing the Reset Button to Restore Factory Default Settings Rebooting the Access PointChanging the Administrator Password Set Password menuManagement Chapter Advanced Configuration Understanding Advanced IP Settings for Wireless ClientsAdvanced IP Settings for Wireless Clients screen Understanding Advanced Wireless Settings Auto RF Management -- Default Enable Problem AutoCell SettingsEnhance RF Privacy -- Default Disable AutoCell RF ManagementAuto RF Management Enhanced RF Security ‘Stealth Mode’ Additional AutoCell View Management Options Configuring Wireless LAN Parameters Advanced Wireless Settings screenEnabling Wireless Bridging and Repeating How to Configure a WAG302 as a Point-to-Point Bridge Point-to-Point BridgeManual Advanced Configuration How to Configure Wireless Repeating Multi-Point bridgingAdvanced Configuration Chapter Troubleshooting No lights are lit on the access pointWireless LAN activity light does not light up LAN light is not litCannot connect to the WAG302 to configure it When I enter a URL or IP address I get a timeout errorUsing the Reset Button to Restore Factory Default Settings Specifications for the WAG302 Appendix a SpecificationsParameter WAG302 ProSafe Dual Band Wireless Access Point Specifications Wireless Networking Overview Appendix B Wireless Networking BasicsInfrastructure Mode Ad Hoc Mode Peer-to-Peer Workgroup Network Name Extended Service Set Identification EssidAuthentication and WEP Data Encryption Authentication802.11b Authentication Open System Steps 802.11b Authentication Shared Key Steps Key Size WEP Configuration Options Wireless Channels802.11b/g Wireless Channels Table B-2 802.11b/g Radio Frequency Channels Channel Center Frequency Frequency Spread802.11a Wireless Channels Channel FrequencyWPA Wireless Security WAG302 user can use five channels in turbo modeHow Does WPA Compare to WEP? What are the Key Features of WPA Security? How Does WPA Compare to Ieee 802.11i?Wireless Networking Basics Figure B-3 WPA Overview Radius Server Access point replies with an EAP-request identity message WPA Data Encryption Key Management Temporal Key Integrity Protocol Tkip Is WPA Perfect? Product Support for WPAChanges to Wireless Access Points Changes to Wireless Client Programs Appendix C Command Line Reference Command SetsCommand Line Reference Command Line Reference Command Line Reference 802.11a 100BASE-Tx802.1x 802.11bCat Auto UplinkCertificate Authority Dynamic Host Configuration Protocol Domain NameMAC address Internet ProtocolLocal area network MbpsNetwork Address Translation NetBIOSNetmask PacketWi-Fi Windows Internet Naming Service Wide area networkWireless Network Name Ssid Glossary

Related manuals

Manual 2 pages 4.37 Kb