Manuals / ZyXEL Communications / Computer Equipment / Network Router

ZyXEL Communications 320W manual Authentication Port State and Authentication Control

Models: 320W

1 75

Download 75 pages 14 b

Page 39

Authentication Port State and Authentication Control

P320W Support Notes

The device (i.e. RADIUS server) provides an authentication service to an authenticator. This service determines, from the credentials provided by the supplicant, whether the supplicant is authorized to access the services provided by the authenticator. The authentication server performs the actual authentication of the client. It validates the identity of the supplicant. Because the authenticator acts as the proxy, the authentication service is transparent to the supplicant.

Authentication Port State and Authentication Control

The port state determines whether or not the supplicant (Wireless Client) is granted access to the network behind Wireless AP. There are two authentication port state on the AP, authorized state and unauthorized state.

By default, the port starts in the unauthorized state. While in this state, the port disallows all incoming and outgoing data traffic except for 802.1x packets. When a supplicant is successfully authenticated, the port transitions to the authorized state, allowing all traffic for the client to flow normally. If a client that does not support 802.1x is connected to an unauthorized 802.1x port, the authenticator requests the client’s identity. In this situation, the client does not respond to the 802.1x request, the port remains in the unauthorized state, and the client is not granted access to the network.

When 802.1x is enabled, the authenticator controls the port authorization state by using the following control parameters. The following three authentication control parameter are applied in Wireless AP.

39

All contents copyright (c) 2005 ZyXEL Communications Corporation.

Image 39

ZyXEL Communications manual Authentication Port State and Authentication Control, P320W Support Notes

Contents

802.11g Wireless Firewall Router Prestige 320WSupport Notes APPLICATION NOTES P320W Support NotesP320W Support Notes What is BOOTP/DHCPP320W Support Notes TROUBLE SHOOTING1. Ethernet connection Application NotesGeneral Application Notes Internet ConnectionP320W Support Notes 2. TCP/IP Installation3. TCP/IP Configuration Setting up the Prestige router1. Retrieve Prestige Web P320W Support NotesP320W Support Notes All contents copyright c 2005 ZyXEL Communications CorporationP320W Support Notes Configure an Internal Server Behind SUAAll contents copyright c 2005 ZyXEL Communications Corporation ServicePort Number Port numbers for some common servicesP320W Support Notes Using the Dynamic DNS DDNSDescription Option Service Provider Active Host User Name PasswordEnable Wildcard Network Management Using SNMP1. A small set of management operations P320W Support NotesP320W Support Notes 2. SNMPv1 OperationsGetNext TrapP320W Support Notes P320W Support Notes 3. ZyXEL SNMP Implementation4. Configure the Prestige for SNMP Get CommunityP320W Support Notes P320W Support Notes Using Prestige traffic redirectSet Community Traffic Redirect on LAN portUsing Universal Plug n Play UPnP 1. What is UPnPP320W Support Notes P320W Support Notes 2. Using UPnP in ZyXEL devicesControl Point PC1 Go to Management-UPnP, check Enable UPnP serviceDevice P320W Service NAT function provided by Prestige Router P320W Support Notes3. Start a Video conversation with one online user P320W Support NotesAll contents copyright c 2005 ZyXEL Communications Corporation P320W Support Notes5. Finally, your video conversation is achieved P320W Support Notes 1. What is Infrastructure mode?WLAN Application Notes Infrastructure ModeP320W Support Notes All contents copyright c 2005 ZyXEL Communications CorporationP320W Support Notes 3. Configuration Wireless Station to Infrastructure mode3. Select Infrastructure from the operation mode pull down menu, fill in an SSID or leave it as any if you wish to connect to any AP than press Apply Change to take effect P320W Support NotesAll contents copyright c 2005 ZyXEL Communications Corporation P320W Support Notes5. Double click on the AP you want to associated with Wireless MAC Address Filtering 1. MAC Filter OverviewP320W Support Notes 3. Configure the WLAN MAC Filter 2. ZyXEL MAC Filter ImplementationP320W Support Notes WEP Configuration 1. IntroductionP320W Support Notes P320W Support Notes The standard does not discuss how the shared key is established. In practice, most installations use a single key that is shared between all mobile stations and access points APsP320W Support Notes 2. Setting up the Access PointKey settings 3. Setting up the StationP320W Support Notes 2. Select the Encryption tab P320W Support NotesP320W Support Notes All contents copyright c 2005 ZyXEL Communications CorporationP320W Support Notes IEEE1. IEEE 802.1x Introduction Key settingsP320W Support Notes 1. Authenticator3. Authentication Server 2. SupplicantP320W Support Notes Authentication Port State and Authentication ControlRe-Authentication EAPOL Extensible Authentication Protocol over LANP320W Support Notes P320W Support Notes EAPOL Exchange between 802.1x Authenticator and SupplicantP320W Support Notes All contents copyright c 2005 ZyXEL Communications CorporationP320W Support Notes IEEE 802.1x Configuration in ZyXEL Wireless Access PointEnable 802.1x in AP Using WEB ConfigurationP320W Support Notes Using External RADIUS Authentication ServerP320W Support Notes When the client supplies its identity, the authenticator begins its role as the intermediary, passing EAP frames between the supplicant and the authentication server until authentication succeeds or fails. If the authentication succeeds, the switch port becomes authorized. The specific exchange of EAP frames depends on the authentication method being used. The figure below shows a message exchange initiated by the client using the MD5 Challenge authentication method with a RADIUS serverSite Survey P320W Support Notes1. Introduction 2. Preparation 3. Survey on SiteP320W Support Notes P320W Support Notes All contents copyright c 2005 ZyXEL Communications CorporationP320W Support Notes 5. When you reach the farthest point of connection mark the spot. Now you move the access point to this new spot as have already determine the farthest point of the access point installation spot if wireless service is required from corner of the roomProduct FAQ What is the P320W 802.11g Wireless Firewall Router?P320W Support Notes Does the Prestige support PPPoE? What is PPPoE?Will the P320W work with my Internet connection? What do I need to use the Prestige?Which Internet Applications can I use with the Prestige? How do I know I am using PPPoE?Why does my provider use PPPoE? How can I configure the Prestige?What is the main difference between WinGate and the Prestige? How does e-mail work through the Prestige?P320W Support Notes How fast can the data go? What DHCP capability does the Prestige support?What network interface does the new Prestige series support? How can I upload data to outside Internet over the one-way cable?P320W Support Notes 1. Your ISP checks the MAC addressP320W Support Notes 2. Your ISP checks the Host NameWhat is BOOTP/DHCP What is DDNSP320W Support Notes What DDNS servers does the Prestige support? When do I need DDNS service?What is DDNS wildcard? Why cant I use video conferencing with MSN 4.6?What are the basic types of firewalls? Firewall FAQWhat is a network firewall? What makes P320W secure?What is Denials of Service DoS attack? What kind of firewall is the P320W?P320W Support Notes What is LAND attack? What is Ping of Death attack?What is Teardrop attack? What is SYN Flood attack?What are the advantages of Wireless LANs? Wireless FAQWhat is IP Spoofing attack? What is a Wireless LAN?What is an Access Point? c. Installation FlexibilityWhat are the disadvantages of Wireless LANs? Where can you find wireless 802.11 networks?What is 802.11g? What is IEEE 802.11?What is 802.11b? What is 802.11a?Is it possible to use products from a variety of vendors? What is Wi-Fi?Does the 802.11 interfere with Bluetooth devices? Can radio signals pass through walls?How many Access Points are required in a given area? SolutionWhat is Ad Hoc mode? What is Infrastructure mode?What is Server Set ID SSID? What is Direct-Sequence Spread Spectrum Technology - DSSS?What is Frequency-hopping Spread Spectrum Technology - FHSS? Why the 2.4 Ghz Frequency range?What is the difference between 40-bit and 64-bit WEP? What is an ESSID?How do I secure the data across an Access Points radio link? What is WEP?Open System What is Wireless Sniffer?Can the SSID be encrypted? What are Insertion Attacks?P320W Support Notes What is 802.1x?What is AAA? What is RADIUS?Why cannot access the Internet? Trouble ShootingWhy none of the LEDs turn on when connect the Prestige’s power? Why cannot access the Prestige from my computer?P320W Support Notes 1. Your ISP checks the MAC address2. Your ISP checks the Host Name Outgoing Connection Unable to run applicationsZyXEL SUA Supporting Table ApplicationP320W Support Notes P320W Support Notes