NETGEAR WG602NA manual WPA Data Encryption Key Management

Page 74

User’s Guide for the WG602 v3 54 Mbps Wireless Access Point

3.The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point. The access point blocks all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the client's identity using an authentication server (e.g., RADIUS).

4.The authentication server uses a specific authentication algorithm to verify the client's identity. This could be through the use of digital certificates or some other EAP authentication type.

5.The authentication server will either send an accept or reject message to the access point.

6.The access point sends an EAP-success packet (or reject packet) to the client.

7.If the authentication server accepts the client, then the access point will transition the client's port to an authorized state and forward additional traffic.

The important part to know at this point is that the software supporting the specific EAP type resides on the authentication server and within the operating system or application “supplicant” software on the client devices. The access point acts as a “pass through” for 802.1x messages, which means that you can specify any EAP type without needing to upgrade an 802.1x-compliant access point. As a result, you can update the EAP authentication type to such devices as token cards (Smart Cards), Kerberos, one-time passwords, certificates, and public key authentication or as newer types become available and your requirements for security change.

WPA Data Encryption Key Management

With 802.1x, the rekeying of unicast encryption keys is optional. Additionally, 802.11 and 802.1x provide no mechanism to change the global encryption key used for multicast and broadcast traffic. With WPA, rekeying of both unicast and global encryption keys is required.

For the unicast encryption key, the Temporal Key Integrity Protocol (TKIP) changes the key for every frame, and the change is synchronized between the wireless client and the wireless access point (AP). For the global encryption key, WPA includes a facility (the Information Element) for the wireless AP to advertise the changed key to the connected wireless clients.

If configured to implement dynamic key exchange, the 802.1x authentication server can return session keys to the access point along with the accept message. The access point uses the session keys to build, sign and encrypt an EAP key message that is sent to the client immediately after sending the success message. The client can then use contents of the key message to define applicable encryption keys. In typical 802.1x implementations, the client can automatically change encryption keys as often as necessary to minimize the possibility of eavesdroppers having enough time to crack the key in current use.

B-14

Wireless Networking Basics

202-10060-01, September 2004

Image 74
Contents User’s Guide for the WG602 v3 54 Mbps Wireless Access Point Technical Support Netgear 54 Mbps Wireless Access Point WG602 RF Exposure RequirementsRadio Frequency Interference Requirements Regulatory Compliance Information0984 202-10060-01, September Contents Appendix a Specifications Appendix B Wireless Networking Basics Glossary Index Viii Contents Audience, Scope, Conventions Manual SpecificationsChapter About This Manual Typographical conventionsHow to Use this Manual Html version of this manualHow to Print this Manual User’s Guide for the WG602 v3 54 Mbps Wireless Access Point Support for Standards About the 54 Mbps Wireless Access Point WG602Chapter Introduction Key Features 802.11g Standards-based Wireless NetworkingCompatible and Related Netgear Products System RequirementsAutosensing Ethernet Connections with Auto Uplink Resource CD for the 54 Mbps Wireless Access Point WG602 v3 What’s In the Box?WG602 v3 Wireless Access Point Front Panel Hardware DescriptionPoint User’s Guide for the WG602 v3 54 Mbps Wireless Access Point Chapter Basic Installation and Configuration Observing Placement and Range GuidelinesDefault Factory Settings Feature Factory Default SettingsUnderstanding WG602 v3 Wireless Security Options Installing the 54 Mbps Wireless Access Point WG602 SET UP the WG602 V3 Access PointConfigure LAN and Wireless Access Deploy the WG602 V3 Access Point Two Ways to Log In to the WG602How to Log in Using the Default IP Address of the WG602 Login result WG602 v3 home How to Log In to the WG602 v3 Using Its Default NetBIOS Name Using the Basic IP Settings Options Basic IP SettingsUnderstanding the Basic Wireless Settings Basic Wireless SettingsUser’s Guide for the WG602 v3 54 Mbps Wireless Access Point Understanding Wireless Security Options Basic Wireless Security OptionsIf WPA-PSK Authentication is Used How to Configure WEP Wireless Security 10 WEP SettingsHow to Configure WPA-PSK Wireless Security 11 WPA Settings menuHow to Restrict Wireless Access by MAC Address 12 Access Control optionsUser’s Guide for the WG602 v3 54 Mbps Wireless Access Point User’s Guide for the WG602 v3 54 Mbps Wireless Access Point Chapter Management Viewing General InformationField Description Access Point Information General Information FieldsUpgrading the Wireless Access Point Software Viewing a List of Attached DevicesWG602 v3 Upgrade Firmware Rebooting and Resetting Factory Default Options Restoring the WG602 v3 to the Factory Default SettingsChanging the Administrator Password Set PasswordAdvanced Wireless Settings Fields Chapter Advanced ConfigurationUnderstanding Advanced Wireless Settings Configuring Wireless Distribution System Links How to Configure Wireless Bridge LinksWireless Access Point How to Configure User’s Guide for the WG602 v3 54 Mbps Wireless Access Point User’s Guide for the WG602 v3 54 Mbps Wireless Access Point No lights are lit on the access point Chapter TroubleshootingTroubleshooting Ethernet LAN light is not litWireless LAN activity light is not lit Cannot configure the wireless access point from a browserUsing the Reset Button to Restore Factory Default Settings When I enter a URL or IP address I get a timeout errorUser’s Guide for the WG602 v3 54 Mbps Wireless Access Point Appendix a Specifications Specifications for the WG602User’s Guide for the WG602 v3 54 Mbps Wireless Access Point Infrastructure Mode Appendix B Wireless Networking BasicsWireless Networking Overview Wireless Channels Ad Hoc Mode Peer-to-Peer WorkgroupNetwork Name Extended Service Set Identification Essid Radio frequency channels used are listed in Table B-1 Table B-1 802.11b Radio Frequency ChannelsWEP Wireless Security WEP AuthenticationAccess point have the same WEP are described below Authentication Open System StepsAuthentication Shared Key Steps Key Size and Configuration WPA Wireless Security How to Use WEP ParametersHow Does WPA Compare to WEP? What are the Key Features of WPA Security? How Does WPA Compare to Ieee 802.11i?User’s Guide for the WG602 v3 54 Mbps Wireless Access Point Login Authentication Figure B-3 WPA OverviewFigure B-4 802.1x Authentication Sequence WPA Data Encryption Key Management Temporal Key Integrity Protocol Tkip Is WPA Perfect? Product Support for WPAChanges to Wireless Network Adapters Changes to Wireless Client Programs Basic Router Concepts What is a Router?Appendix C Network, Routing, Firewall, and Cabling Basics IP Addresses and the Internet Class E Class E addresses are for experimental use Netmask Subnet AddressingFigure C-2 Example of Subnetting a Class B Address Table C-1. Netmask Notation Translation Table for One Octet Table C-2. Netmask FormatsSingle IP Address Operation Using NAT Private IP AddressesIP Configuration by Dhcp Figure C-3 Single IP Address Operation Using NATDomain Name Server Routing ProtocolsInternet Security and Firewalls MAC Addresses and ARPEthernet Cabling What is a Firewall?Denial of Service Attack Stateful Packet InspectionTable C-1 UTP Ethernet cable wiring, straight-through Category 5 Cable QualityInside Twisted Pair Cables Figure C-4 Straight-Through Twisted-Pair CableUplink Switches, Crossover Cables, and MDI/MDIX Switching User’s Guide for the WG602 v3 54 Mbps Wireless Access Point User’s Guide for the WG602 v3 54 Mbps Wireless Access Point Appendix D Preparing Your PCs for Network Access Preparing Your Computers for TCP/IP NetworkingConfiguring Windows 98 and Me for TCP/IP Networking Installing or Verifying Windows Networking ComponentsEnabling Dhcp to Automatically Configure TCP/IP Settings Dhcp Configuration of TCP/IP in Windows 98 and Me Choose Settings, and then Control PanelSelecting the Windows Internet Access Method Verifying TCP/IP Properties for Windows 98 or MeConfiguring Windows 2000 or XP for TCP/IP Networking Dhcp Configuration of TCP/IP in Windows XP TCP/IP details are presented on Support tab Dhcp Configuration of TCP/IP in Windows Right click Local Area Connection and select PropertiesObtain an IP address automatically is selected Verifying TCP/IP Properties for Windows XP or User’s Guide for the WG602 v3 54 Mbps Wireless Access Point Glossary NumericSee Access Control List See Dynamic Host Configuration Protocol See Internet Control Message Protocol Ieee Internet service provider Megabits per second NIC Set of rules for communication between devices on a network See Wide Area Network Wins User’s Guide for the WG602 v3 54 Mbps Wireless Access Point Index NumericsRFC

WG602NA specifications

The NETGEAR WG602NA is a wireless access point that has garnered attention for its robust performance and reliability in various networking environments. Designed primarily for home and small office use, this device offers users an efficient way to expand their network's coverage, providing both flexibility and convenience in connectivity.

One of the standout features of the WG602NA is its adherence to the IEEE 802.11g standard, which allows it to deliver wireless connectivity speeds of up to 54 Mbps. This speed makes it suitable for a variety of online activities, including web browsing, streaming videos, and online gaming. The device also supports backward compatibility with 802.11b devices, ensuring that older devices can still connect seamlessly.

The WG602NA utilizes advanced wireless security protocols to protect users' data. It supports Wired Equivalent Privacy (WEP) for basic encryption, as well as Wi-Fi Protected Access (WPA and WPA2) for more robust security measures. This ensures that your network remains secure from unauthorized access and data breaches.

In terms of connectivity, the WG602NA offers a straightforward setup process that is user-friendly, even for those with minimal technological knowledge. The device features a simple web interface that guides users through the configuration process, allowing them to customize settings according to their needs. It also includes a variety of options for network configuration, such as DHCP and static IP addressing, which can accommodate different network setups.

For those looking to set up multiple access points, the WG602NA can be configured to operate in bridge mode, enabling seamless roaming across larger areas without losing connectivity. This feature is particularly beneficial in larger homes or office settings where consistent signal strength is essential.

The compact design of the WG602NA makes it an unobtrusive addition to any setting, and it is equipped with a power over Ethernet (PoE) option, allowing it to be powered through an Ethernet cable. This flexibility facilitates easier installations as there is no need for searching for an electrical outlet nearby.

Overall, the NETGEAR WG602NA is a reliable access point that combines speed, security, and ease of use. Its features make it an excellent choice for individuals or small businesses seeking to enhance their wireless network capabilities, ensuring consistent and secure connectivity for all connected devices.