Chapter 10 Interface
The following table describes the
Table 70 Network > Interface > WLAN > Add (WPA/WPA2 Security)
LABEL | DESCRIPTION |
Authentication | Select what the ZyWALL uses to authenticate the wireless clients. |
Type | Select Auth Method to be able to specify an authentication method object that you |
| have already configured. The authentication method can have the ZyWALL check |
| a user’s user name and password against the ZyWALL’s local database, a remote |
| LDAP, RADIUS, a Active Directory server, or more than one of these. See Chapter |
| 40 on page 635 for how to create authentication method objects. |
| Select Auth Server to be able to manually specify a RADIUS server’s settings in |
| this screen instead of using an authentication method object. |
|
|
Authentication | This field displays if you set the Authentication Type field to Auth Method. |
Method | Select an authentication method object that defines how the ZyWALL authenticates |
| a wireless user. The ZyWALL’s default configuration also includes an |
| authentication method object named “default” that you can use. You can configure |
| the “default” authentication method object, but it’s default configuration uses the |
| ZyWALL’s local database for authentication. |
|
|
TTLS Certificate | This field displays if you select Authentication Method. Select the certificate the |
| ZyWALL uses to authenticate itself to the wireless clients. The certificates you can |
| select from are the ones already configured in the My Certificates screen. |
| |
| authentication that uses certificates for only the |
| establish a secure connection. |
| The wireless clients must use TTLS authentication protocol and PAP inside the |
| TTLS secure tunnel. |
|
|
| The following fields display if you set the Authentication Type field to Auth |
| Server. |
|
|
RADIUS Server | Enter the IP address of the external authentication server in dotted decimal |
IP Address | notation. |
|
|
RADIUS Server | Enter the RADIUS server’s listening port number (the default is 1812). |
Port |
|
|
|
RADIUS Server | Enter a password (up to 31 alphanumeric characters) as the key to be shared |
Secret | between the external authentication server and the ZyWALL. The key is not sent |
| over the network. This key must be the same on the external authentication server |
| and ZyWALL. |
|
|
ReAuthentication | Specify how often wireless stations have to resend user names and passwords in |
Timer | order to stay connected. |
| Enter a time interval between 10 and 9999 seconds. The default time interval is |
| 1800 seconds (30 minutes). Alternatively, enter “0” to turn reauthentication off. |
| Note: If wireless station authentication is done using a RADIUS |
| server, the reauthentication timer on the RADIUS server |
| has priority. |
Idle Timeout | The ZyWALL automatically disconnects a wireless station from the wired network |
| after a period of inactivity. The wireless station needs to enter the user name and |
| password again before access to the wired network is allowed. |
| The default time interval is 3600 seconds (or 1 hour). |
|
|
Group Key | The Group Key Update Timer is the rate at which the AP sends a new group key |
Update Timer | out to all clients. The |
| changing the group key for an AP and all stations in a WLAN on a periodic basis. |
| Setting of the Group Key Update Timer is also supported in |
| ZyWALL default is 1800 seconds (30 minutes). |
244 |
| |
ZyWALL USG 100/200 Series User’s Guide |
| |
|
|
|