2Wire 3800HGV-B manual 802.1x Setup

Page 4

Networking Technology Overview

Wireless. The 2Wire gateway includes an integrated wireless access point, which allows users to roam wirelessly throughout the home or office. 2Wire's high-powered wireless technology virtually eliminates wireless “coldspots” in the home. The 2Wire gateway’s high power 400mW transmitter ensures that users benefit from increased wireless bandwidth throughout the coverage area. In addition, the 2Wire gateway employs a special triple antenna design. The third antenna is used only for transmitting packets, thus mitigating the power loss associated with switching the antenna use back and forth between transmit and receive. This results in greater access point sensitivity, as antenna placement can be better optimized with a dedicated set of receive-only antennas.

MoCA. MoCA technology allows users to easily share digital entertainment throughout the home using the existing coax cable infrastructure to distribute content such as video (SDTV and HDTV), music, games, and images. MoCA provides the following benefits:

Multi-room HDTV DVR. Allows users to record and share digital videos simultaneously in every room.

Multi-room gaming. Allows users to access games from various locations in the home and play simultaneously.

PC to TV. Allows users to merge data and video-centric networks throughout the home.

802.1X Authentication. 802.1X Authentication provides port-based authentication using certificates. These certificates reside in the RADIUS authentication server and the 3700HGV-B gateway, and are signed by a Certificate Authority (CA). When the RADIUS server and the gateway successfully exchange certificates, access to the network is allowed.

Prior to authentication, only limited security traffic (Layer 1 and Layer 2) is allowed on ports. After authentication, ports open up for all other traffic (such as DHCP, IP, or Layer 3 and above).

The VDSL DSLAM is the authenticator between the 3700HGV-B and the RADIUS server. The RADIUS server provides authentication and authorization for the 3700HGV-B, and decides if the VDSLAM will open the port for upper layer traffic. The 3700HGV-B and RADIUS server will exchange certificates to provide mutual authentication. They will ensure that the certificate was issued from a trusted CA and that the certificates are valid, and other related information.

If the VDSL DSLAM port is not configured for 802.1X, the 3700HGV-B attempts to authenticate 3 times. If it cannot authenticate, it bypasses 802.1X authentication. This does not mean that the 3700HGV-B will be allowed on the network, just that it does not attempt the authentication again until power cycled or the network requests it.

802.1x Setup

EAP/TLS

VDSL HomePortal (Supplicant)

 

 

 

 

EAP to Radius

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

RADIUS

 

 

 

 

 

 

 

 

RADIUS Server

 

 

 

 

 

 

 

VDSL DSLAM

 

 

(Authentication

 

(Authenticator)

 

 

 

Server)

2

Page 3 Page 5
Image 4
Page 3 Page 5
Contents Contents Page 3800HGV-B Overview HGV-B, Rear View802.1x Setup Page Installation Requirements Connect the Computer to the Gateway Choose a Computer and Connection TypeEthernet Connection Wireless Connection Locating the Serial Number and Wireless Encryption Key Non-2Wire Wireless Adapter ConfigurationConfiguring the Adapter Install the 2Wire Gateway USB Driver Windows USB to PC ConnectionInstall the 2Wire Gateway USB Driver Macintosh Connecting to Vdsl via CoAX Connect the Broadband InterfaceSetting Up Iptv Connect to IptvGateway System Pages Gateway User InterfaceViewing Your System Summary Setting a System Password Changing Your Time Zone SettingsViewing System Details Broadband Link PagesViewing Your Broadband Link Summary Viewing Broadband Link Details Using Broadband Diagnostics From Jeff M Need to show Ethernet broadband exampleViewing Statistics Using Broadband Link Advanced Settings Viewing Your Home Network Summary Home Network PagesLocal Devices Monitoring Your Wireless Settings Status at a Glance PanelPage Configuring Additional Settings Customizing Security SettingsConfiguring Advanced Settings Editing Address Allocation Settings Firewall Pages Viewing Your Firewall SummaryPage Configuring Firewall Settings Configuring Advanced Firewall Settings Enabling Advanced SecurityAllowing Inbound and Outbound Traffic Disabling Attack DetectionPage Accessing the Management and Diagnostic Console Access the Management and Diagnostic ConsoleSystem Summary Vdsl Broadband Link Summary Broadband Link Statistics Broadband Link Detailed Statistics Broadband Link Configuration Local Network Status Specifies whether a USB device is present Active on Local Network Statistics Local Network Device List Local Network Wireless Settings Local Network Configuration Enabling Router Behind Router AlertLocal Network Address Allocation Local Network Configure the MoCA Network Local Network MoCA Statistics Firewall Settings Firewall Detailed Information Firewall Advanced Settings Troubleshooting DSL Diagnostics Analyzing General InformationReviewing Training History Reviewing Bitloading Troubleshooting Event Log Page Troubleshooting Network Tests Troubleshooting Upgrade History Troubleshooting Resets Advanced Syslog Settings Advanced Provisioning Info Advanced Configure Time Services Advanced Configure Services Advanced DNS Resolve Advanced Link Manager States Advanced Detailed Log Upgrade the Software Page Configuring Multiple Static IP Addresses Enable Public Network Mode Allocate Public IP Addresses to the LAN Clients CidrConfigure Firewall Rules Sample Configuration Figure *. Sample NetworkPage Vpnsrv Vpnsrv Select the Allow individual applications option LEDs LED overviewIpcp Glossary Regulatory Information PhoneRegulatory Information
Top Page Image Contents