Manuals / Brands / Computer Equipment / Network Card / ZyXEL Communications / Computer Equipment / Network Card

ZyXEL Communications G-220F LEAP, PEAP (Protected EAP), Dynamic WEP Key Exchange

1 104

Download 104 pages, 3.99 Mb

ZyXEL G-220F User’ Guide

PEAP (Protected EAP)

Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by Cisco.

LEAP

LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE 802.1x.

Dynamic WEP Key Exchange

The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed.

If this feature is enabled, it is not necessary to configure a default encryption key in the Wireless screen. You may still configure and store keys here, but they will not be used while Dynamic WEP is enabled.

Note: EAP-MD5 cannot be used with Dynamic WEP Key Exchange

For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption. They are often deployed in corporate environments, but for public deployment, a simple user name and password pair is more practical. The following table is a comparison of the features of authentication types.

Table 31 Comparison of EAP Authentication Types

	EAP-MD5	EAP-TLS	EAP-TTLS	PEAP	LEAP

Mutual Authentication	No	Yes	Yes	Yes	Yes

Certificate – Client	No	Yes	Optional	Optional	No

Certificate – Server	No	Yes	Yes	Yes	No

Dynamic Key Exchange	No	Yes	Yes	Yes	Yes

Credential Integrity	None	Strong	Strong	Strong	Moderate

Deployment Difficulty	Easy	Hard	Moderate	Moderate	Moderate

Client Identity Protection	No	No	Yes	Yes	No

87	Appendix E

Contents

User’s Guide Copyright Disclaimer Trademarks Federal Communications Commission (FCC) Interference Statement Notice Caution Certifications ZyXEL Limited Warranty Note Online Registration Customer Support Page Table of Contents Wireless Station Mode Configuration Maintenance Appendix A Appendix B Appendix C Appendix D Appendix E Page List of Figures Page List of Tables Page Preface About This User's Guide Related Documentation User Guide Feedback Syntax Conventions Graphics Icons Key Getting Started 1.1 About Your ZyXEL G-220F 1.1.1.1 Infrastructure 1.1.1.2 Ad-Hoc 1.1.1.3 Access Point Mode 1.2 ZyXEL G-220FHardware and Utility Installation 1.3 Configuration Methods 1.4 Windows XP Users Only 1.5 Accessing the ZyXEL Utility 1.6 Connecting to a Wireless LAN Security Settings 1.7 ZyXEL G-220FModes 1.8 ZyXEL Utility Screen Summary Page Wireless LAN Network 2.1 Wireless LAN Overview 2.2 Wireless LAN Security Overview 2.2.2.1 EAP Authentication 2.2.3.1 User Authentication 2.2.3.2 Encryption 2.2.4 WPA(2)-PSKApplication Example 2.2.5 WPA with RADIUS Application Example 2.3 Authentication Type 2.4Preamble Type 2.5 Introduction to OTIST 2.5.1.1 AP 2.5.1.2 Wireless Client 2.5.3Notes on OTIST Wireless Station Mode Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Access Point Mode Page Page Page Page Page Maintenance 5.1 The About Screen 5.2 Uninstalling the ZyXEL Utility 5.3 Upgrading the ZyXEL Utility Page Page Troubleshooting 6.1 Problems Starting the ZyXEL Utility Program 6.2 Problem Connecting to an Access Point 6.3 Problem with the Link Status 6.4 Problems Communicating With Other Computers Appendix A Product Specifications Page Appendix B Access Point Mode Setup Example Configuring the Computer on Which You Install the ZyXEL G- 220F Sharing Enable Internet Connection Sharing for this connection Configuring the Wireless Station Computer Page Via the Wireless Network System Tray Icon Wireless Network Connection Change advanced settings Related Tasks Wireless Networks Page Via the Control Panel Page Page Activating Wireless Zero Configuration Connecting to a Wireless Network Wireless Networks Wireless Network Connection Properties Refresh network list Refresh Available networks Configure Preferred Connect Security Settings Association Authentication Authentication Properties Smart Card or other Certificate Properties Ordering the Preferred Networks Wireless Networks Move up Move down Page Appendix E Types of EAP Authentication PEAP (Protected EAP) LEAP Dynamic WEP Key Exchange WPA Security Parameters Summary Appendix F Setting up Your Computer’s IP Address Windows 95/98/Me Installing Components Protocol Microsoft manufacturers TCP/IP Configuring IP Address Obtain an IP address automatically Specify an IP address Subnet Mask Windows 2000/NT/XP Network and Dial-up Connections 3Right-click Local Area Connection and then click Properties Internet Protocol (TCP/IP) General Use the following IP Address IP address Subnet mask Default gateway Advanced Macintosh OS 8/9 2Select Ethernet built-in from the Connect via list Using DHCP Server Configure: Macintosh OS Apply Now Page Index