Manuals / ZyXEL Communications / Computer Equipment / Network Router

ZyXEL Communications manual What is 802.1x?, What is AAA?, What is RADIUS?, P320W Support Notes

Models: 320W

1 75

Download 75 pages 14 b

Page 70

P320W Support Notes

What is 802.1x?

IEEE 802.1x Port-Based Network Access Control is an IEEE (Institute of Electrical and Electronics Engineers) standard, which specifies a standard mechanism for authenticating, at the link layer (Layer 2), users' access to IEEE 802 networks such as Ethernet (IEEE 802.3) and Wireless LAN (IEEE 802.11). For IEEE 802.11 WLAN, IEEE 802.1x authentication can be based on username/password or digital certificate.

What is the difference between force-authorized, force-unauthorized and auto?

force-authorized—disables 802.1X and causes the port to transition to the authorized state without any authentication exchange required. The port transmits and receives normal traffic without 802.1X-based authentication of the client.

force-unauthorized—causes the port to remain in the unauthorized state, ignoring all attempts by the client to authenticate. The switch cannot provide authentication services to the client through the interface. auto—enables 802.1X and causes the port to begin in the unauthorized state, allowing only EAPOL frames to be sent and received through the port. The authentication process begins when the link state of the port transitions from down to up, or when an EAPOL-start frame is received. The switch requests the identity of the client and begins relaying authentication messages between the client and the authentication server. Each client attempting to access the network is uniquely identified by the switch by using the client's MAC address.

What is AAA?

AAAis the acronym for Authentication, Authorization, and Accounting and refers to the idea of managing subscribers by controlling their access to the network, verifying that they are who they say they are (via login name and password or MAC address) and accounting for their network usage.

What is RADIUS?

RADIUS stands for Remote Authentication Dial-In User Service. RADIUS is a standard that has been implemented into several software packages and networking devices. It allows user information to be sent to a central database running on a RADIUS Server, where it is verified. RADIUS also provides a mechanism for accounting.

70

All contents copyright (c) 2005 ZyXEL Communications Corporation.

Image 70

ZyXEL Communications manual What is 802.1x?, What is AAA?, What is RADIUS?, P320W Support Notes

Contents

Prestige 320W 802.11g Wireless Firewall RouterSupport Notes P320W Support Notes APPLICATION NOTESWhat is BOOTP/DHCP P320W Support NotesTROUBLE SHOOTING P320W Support NotesInternet Connection Application NotesGeneral Application Notes 1. Ethernet connectionSetting up the Prestige router 2. TCP/IP Installation3. TCP/IP Configuration P320W Support NotesP320W Support Notes 1. Retrieve Prestige WebAll contents copyright c 2005 ZyXEL Communications Corporation P320W Support NotesConfigure an Internal Server Behind SUA P320W Support NotesPort numbers for some common services ServicePort Number All contents copyright c 2005 ZyXEL Communications CorporationUsing the Dynamic DNS DDNS P320W Support NotesNetwork Management Using SNMP Option Service Provider Active Host User Name PasswordEnable Wildcard DescriptionP320W Support Notes 1. A small set of management operations2. SNMPv1 Operations P320W Support NotesTrap GetNextP320W Support Notes 3. ZyXEL SNMP Implementation P320W Support NotesGet Community 4. Configure the Prestige for SNMPP320W Support Notes Traffic Redirect on LAN port Using Prestige traffic redirectSet Community P320W Support Notes1. What is UPnP Using Universal Plug n Play UPnPP320W Support Notes 2. Using UPnP in ZyXEL devices P320W Support NotesP320W Support Notes Go to Management-UPnP, check Enable UPnP serviceDevice P320W Service NAT function provided by Prestige Router Control Point PC1P320W Support Notes 3. Start a Video conversation with one online userP320W Support Notes All contents copyright c 2005 ZyXEL Communications Corporation5. Finally, your video conversation is achieved WLAN Application Notes Infrastructure Mode1. What is Infrastructure mode? P320W Support NotesAll contents copyright c 2005 ZyXEL Communications Corporation P320W Support Notes3. Configuration Wireless Station to Infrastructure mode P320W Support Notes3. Select Infrastructure from the operation mode pull down menu, fill in an SSID or leave it as any if you wish to connect to any AP than press Apply Change to take effect P320W Support NotesP320W Support Notes All contents copyright c 2005 ZyXEL Communications Corporation5. Double click on the AP you want to associated with 1. MAC Filter Overview Wireless MAC Address FilteringP320W Support Notes 2. ZyXEL MAC Filter Implementation 3. Configure the WLAN MAC FilterP320W Support Notes 1. Introduction WEP ConfigurationP320W Support Notes The standard does not discuss how the shared key is established. In practice, most installations use a single key that is shared between all mobile stations and access points APs P320W Support Notes2. Setting up the Access Point P320W Support Notes3. Setting up the Station Key settingsP320W Support Notes P320W Support Notes 2. Select the Encryption tabAll contents copyright c 2005 ZyXEL Communications Corporation P320W Support NotesKey settings IEEE1. IEEE 802.1x Introduction P320W Support Notes2. Supplicant 1. Authenticator3. Authentication Server P320W Support NotesAuthentication Port State and Authentication Control P320W Support NotesEAPOL Extensible Authentication Protocol over LAN Re-AuthenticationP320W Support Notes EAPOL Exchange between 802.1x Authenticator and Supplicant P320W Support NotesAll contents copyright c 2005 ZyXEL Communications Corporation P320W Support NotesUsing WEB Configuration IEEE 802.1x Configuration in ZyXEL Wireless Access PointEnable 802.1x in AP P320W Support NotesUsing External RADIUS Authentication Server P320W Support NotesWhen the client supplies its identity, the authenticator begins its role as the intermediary, passing EAP frames between the supplicant and the authentication server until authentication succeeds or fails. If the authentication succeeds, the switch port becomes authorized. The specific exchange of EAP frames depends on the authentication method being used. The figure below shows a message exchange initiated by the client using the MD5 Challenge authentication method with a RADIUS server P320W Support NotesP320W Support Notes Site Survey1. Introduction 3. Survey on Site 2. PreparationP320W Support Notes All contents copyright c 2005 ZyXEL Communications Corporation P320W Support Notes5. When you reach the farthest point of connection mark the spot. Now you move the access point to this new spot as have already determine the farthest point of the access point installation spot if wireless service is required from corner of the room P320W Support NotesWhat is the P320W 802.11g Wireless Firewall Router? Product FAQP320W Support Notes What do I need to use the Prestige? What is PPPoE?Will the P320W work with my Internet connection? Does the Prestige support PPPoE?How can I configure the Prestige? How do I know I am using PPPoE?Why does my provider use PPPoE? Which Internet Applications can I use with the Prestige?How does e-mail work through the Prestige? What is the main difference between WinGate and the Prestige?P320W Support Notes How can I upload data to outside Internet over the one-way cable? What DHCP capability does the Prestige support?What network interface does the new Prestige series support? How fast can the data go?1. Your ISP checks the MAC address P320W Support Notes2. Your ISP checks the Host Name P320W Support NotesWhat is DDNS What is BOOTP/DHCPP320W Support Notes Why cant I use video conferencing with MSN 4.6? When do I need DDNS service?What is DDNS wildcard? What DDNS servers does the Prestige support?What makes P320W secure? Firewall FAQWhat is a network firewall? What are the basic types of firewalls?What kind of firewall is the P320W? What is Denials of Service DoS attack?P320W Support Notes What is SYN Flood attack? What is Ping of Death attack?What is Teardrop attack? What is LAND attack?What is a Wireless LAN? Wireless FAQWhat is IP Spoofing attack? What are the advantages of Wireless LANs?Where can you find wireless 802.11 networks? c. Installation FlexibilityWhat are the disadvantages of Wireless LANs? What is an Access Point?What is 802.11a? What is IEEE 802.11?What is 802.11b? What is 802.11g?Can radio signals pass through walls? What is Wi-Fi?Does the 802.11 interfere with Bluetooth devices? Is it possible to use products from a variety of vendors?What is Infrastructure mode? SolutionWhat is Ad Hoc mode? How many Access Points are required in a given area?Why the 2.4 Ghz Frequency range? What is Direct-Sequence Spread Spectrum Technology - DSSS?What is Frequency-hopping Spread Spectrum Technology - FHSS? What is Server Set ID SSID?What is WEP? What is an ESSID?How do I secure the data across an Access Points radio link? What is the difference between 40-bit and 64-bit WEP?What are Insertion Attacks? What is Wireless Sniffer?Can the SSID be encrypted? Open SystemWhat is RADIUS? What is 802.1x?What is AAA? P320W Support NotesWhy cannot access the Prestige from my computer? Trouble ShootingWhy none of the LEDs turn on when connect the Prestige’s power? Why cannot access the Internet?1. Your ISP checks the MAC address P320W Support Notes2. Your ISP checks the Host Name Application Unable to run applicationsZyXEL SUA Supporting Table Outgoing ConnectionP320W Support Notes P320W Support Notes