ZyXEL G-162/G-360 User’s Guide

Appendix A

Types of EAP Authentication

This appendix discusses the five popular EAP authentication types: EAP-MD5, EAP-TLS, EAP-TTLS, PEAP and LEAP. The type of authentication you use depends on the RADIUS server. Consult your network administrator for more information. For the EAP-MD5, please refer to the User’s Guide of Funk Odyssey software.

EAP-MD5 (Message-Digest Algorithm 5)

MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless station. The wireless station ‘proves’ that it knows the password by encrypting the password with the challenge and sends back the information. Password is not sent in plain text.

However, MD5 authentication has some weaknesses. Since the authentication server needs to get the plaintext passwords, the passwords must be stored. Thus someone other than the authentication server may access the password file. In addition, it is possible to impersonate an authentication server as MD5 authentication method does not perform mutual authentication. Finally, MD5 authentication method does not support data encryption with dynamic session key. You must configure WEP encryption keys for data encryption.

EAP-TLS (Transport Layer Security)

With EAP-TLS, digital certifications are needed by both the server and the wireless stations for mutual authentication. The server presents a certificate to the client. After validating the identity of the server, the client sends a different certificate to the server. The exchange of certificates is done in the open before a secured tunnel is created. This makes user identity vulnerable to passive attacks. A digital certificate is an electronic ID card that authenticates the sender’s identity. However, to implement EAP-TLS, you need a Certificate Authority (CA) to handle certificates, which imposes a management overhead.

EAP-TTLS (Tunneled Transport Layer Service)

EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the server-side authentications to establish a secure connection. Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2.

PEAP (Protected EAP)

Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by Cisco.

Appendix A

i

Page 70 Page 72
Page 71
Image 71
ZyXEL Communications G-162, G-360 EAP-MD5 Message-Digest Algorithm, EAP-TLS Transport Layer Security, Peap Protected EAP
Page 70 Page 72

G-162, G-360 specifications

ZyXEL Communications is recognized for its innovative networking solutions, and among its notable products are the G-162 and G-360 wireless USB adapters. These devices empower users to connect to wireless networks while delivering robust performance and reliability.

The ZyXEL G-162 is a compact USB adapter designed to provide wireless connectivity to laptops or desktop computers. It supports the IEEE 802.11b/g standards, which ensures compatibility with a wide range of wireless networks. Featuring a sleek design, the G-162 is easy to install, with a plug-and-play capability that enables users to quickly connect to their networks without complex setup procedures. This device operates in the 2.4 GHz frequency band, delivering a maximum wireless speed of up to 54 Mbps, making it suitable for tasks such as web browsing, email, and streaming audio and video.

On the other hand, the ZyXEL G-360 takes connectivity a step further by integrating both wireless and Ethernet connectivity options. Similar to the G-162, it also adheres to the 802.11b/g standards. However, the G-360 provides an additional Ethernet port, which allows users to connect devices that require a wired connection, ensuring flexible networking setups. The G-360 is equipped with advanced security features, including WPA/WPA2 encryption, ensuring that data is transmitted securely across the network.

Both the G-162 and G-360 are designed with user convenience in mind. They come with drive support for various operating systems, including Windows and Mac, making them versatile for different user environments. The compact form factor of these USB adapters means they can be easily transported, allowing users to maintain internet connectivity while on the move.

The build quality of ZyXEL devices is commendable, as they are engineered for durability and long-term use. Moreover, their performance in terms of range and signal stability is enhanced by intelligent antenna placement and power management features, ensuring a reliable connection in various settings.

In conclusion, the ZyXEL G-162 and G-360 are excellent choices for users seeking efficient wireless connectivity solutions. With their extensive features, security protocols, and user-friendly design, these devices highlight ZyXEL’s commitment to improving connectivity and enhancing the user experience in the ever-evolving digital landscape. Whether for home or office use, these wireless USB adapters stand as a testament to ZyXEL's innovation in communication technology.
Top Page Image Contents