Reference Manual for the NETGEAR RangeMax™ Wireless Access Point WPN802

3. The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point. The access point blocks all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the client's identity using an authentication server (for example, RADIUS).

4. The authentication server uses a specific authentication algorithm to verify the client's identity. This could be through the use of digital certificates or some other EAP authentication type.

5. The authentication server sends either an accept or a reject message to the access point.

6. The access point sends an EAP-success packet (or reject packet) to the client.

7. If the authentication server accepts the client, then the access point will transition the client's port to an authorized state and forward additional traffic.
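The port behavior in steps 3 through 7 can be modeled as a small state machine. The following is an added example, not code from the NETGEAR manual or firmware: the class `AuthenticatorPort`, the callback `radius_decide`, and the frame sequence are hypothetical, and the authentication server's EAP method is reduced to an allow-list lookup.

```python
from enum import Enum

ETHERTYPE_EAPOL = 0x888E   # EAP over LAN, the only traffic passed before authorization
ETHERTYPE_IPV4 = 0x0800    # carries HTTP, DHCP, POP3 and other ordinary traffic


class PortState(Enum):
    UNAUTHORIZED = "unauthorized"
    AUTHORIZED = "authorized"


class AuthenticatorPort:
    """Hypothetical model of one client's port on the access point."""

    def __init__(self, radius_decide):
        # radius_decide(identity) -> True (accept) or False (reject).
        # Assumption: stands in for the authentication server's EAP method.
        self.radius_decide = radius_decide
        self.state = PortState.UNAUTHORIZED

    def on_frame(self, ethertype, payload):
        """Return what the access point does with a frame from the client."""
        if ethertype == ETHERTYPE_EAPOL:
            return self._relay_eap(payload)
        if self.state is PortState.AUTHORIZED:
            return "forwarded"
        return "dropped"  # step 3: all non-EAP traffic is blocked

    def _relay_eap(self, identity):
        # Steps 3-5: the AP passes the identity through; the server decides.
        accepted = self.radius_decide(identity)
        # Step 7: only an accept moves the port to the authorized state.
        self.state = PortState.AUTHORIZED if accepted else PortState.UNAUTHORIZED
        # Step 6: the outcome is reported to the client.
        return "EAP-Success" if accepted else "EAP-Failure"


def run_session(identity, allowed):
    """Replay a constructed frame sequence; return the AP's actions and final state."""
    port = AuthenticatorPort(lambda ident: ident in allowed)
    frames = [
        (ETHERTYPE_IPV4, "DHCP discover"),   # sent before authentication
        (ETHERTYPE_EAPOL, identity),         # EAP-Response/Identity
        (ETHERTYPE_IPV4, "HTTP GET /"),      # sent after the server's verdict
    ]
    return [port.on_frame(et, data) for et, data in frames], port.state


if __name__ == "__main__":
    print(run_session("alice", {"alice"}))
    print(run_session("mallory", {"alice"}))
```
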

The important point here is that the software supporting the specific EAP type resides on the authentication server and within the operating system or application “supplicant” software on the client devices. The access point acts as a “pass through” for 802.1x messages, which means that you can specify any EAP type without needing to upgrade an 802.1x-compliant access point. As a result, you can change the EAP authentication type to use token cards (Smart Cards), Kerberos, one-time passwords, certificates, or public key authentication, or adopt newer types as they become available and your security requirements change.

WPA/WPA2 Data Encryption Key Management

With 802.1x, the rekeying of unicast encryption keys is optional. Additionally, 802.11 and 802.1x provide no mechanism to change the global encryption key used for multicast and broadcast traffic. With WPA/WPA2, rekeying of both unicast and global encryption keys is required.

For the unicast encryption key, the Temporal Key Integrity Protocol (TKIP) changes the key for every frame, and the change is synchronized between the wireless client and the wireless access point (AP). For the global encryption key, WPA includes a facility (the Information Element) for the wireless AP to advertise the changed key to the connected wireless clients.

If configured to implement dynamic key exchange, the 802.1x authentication server can return session keys to the access point along with the accept message. The access point uses the session keys to build, sign, and encrypt an EAP key message that is sent to the client immediately after sending the success message. The client can then use the contents of the key message to define applicable encryption keys. In typical 802.1x implementations, the client can automatically change encryption keys as often as necessary to minimize the possibility of eavesdroppers having enough time to crack the key in current use.

B-14

Wireless Networking Basics

202-10101-01, May 2005


WPN802 specifications

The NETGEAR WPN802 is an exceptional wireless access point that has made a significant impact on the home networking landscape. Designed to provide robust wireless connectivity, the WPN802 is an 802.11g compliant device, delivering reliable performance at data rates of up to 54 Mbps. This allows users to enjoy seamless Internet access for streaming, gaming, and other bandwidth-intensive applications.

One of the standout features of the NETGEAR WPN802 is its ease of installation and setup. The device is equipped with a user-friendly setup wizard that guides users step by step through the process, making it accessible even for those who may not be tech-savvy. The WPN802 also supports both wired and wireless connections, allowing it to integrate seamlessly into existing network configurations, whether expanding a home network or setting up a new one.

Security is a crucial aspect of any wireless network, and the WPN802 addresses this with several built-in security features. It supports WEP, WPA, and WPA2 encryption protocols, ensuring that data transmitted over the network remains secure from unauthorized access. Additionally, the device provides MAC address filtering, which allows users to control the devices that can connect to the network.

Another significant feature of the NETGEAR WPN802 is its versatility. It can function not only as an access point but also as a wireless bridge or a repeater, enabling users to extend the range of their existing wireless network. This flexibility is particularly valuable in larger homes or offices where coverage may be spotty in certain areas.

The WPN802 also includes Quality of Service (QoS) features that prioritize bandwidth for different applications, ensuring that critical tasks such as video conferencing and online gaming receive the necessary resources for optimal performance. This enhances the overall user experience, especially in environments with multiple connected devices.

In terms of build and design, the NETGEAR WPN802 is compact and lightweight, allowing for easy placement in various locations without being obtrusive. Its stylish exterior ensures it can fit in seamlessly with home or office decor.

In conclusion, the NETGEAR WPN802 is a highly reliable and feature-rich wireless access point that caters to the needs of modern users. With its fast wireless speeds, robust security features, versatile functionality, and user-friendly setup, it remains a commendable choice for anyone looking to enhance their wireless networking experience. Whether used in a residential or small business setting, the WPN802 stands out as a dependable solution that continues to meet the demands of today's connected world.