ZyXEL Communications G-360 88

ZyXEL G-360 User’s Guide

The encryption mechanisms used for WPA and WPA-PSK are the same. The only difference between the two is that WPA-PSK uses a simple common password, instead of user-specific credentials. The common- password approach makes WPA-PSK susceptible to brute-force password-guessing attacks but it’s still an improvement over WEP as it employs an easier-to-use, consistent, single, alphanumeric password.

User Authentication

WPA or WPA2 applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database.

If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption. If you don't have an external RADIUS server, you should use WPA2 -PSK (WPA2 -Pre-Shared Key) that only requires a single (identical) password entered into each access point, wireless gateway and wireless client. As long as the passwords match, a wireless client will be granted access to a WLAN.

If the AP or the wireless clients do not support WPA2, just use WPA or WPA-PSK depending on whether you have an external RADIUS server or not.

Select WEP only when the AP and/or wireless clients do not support WPA or WPA2. WEP is less secure than WPA or WPA2.

WPA(2)-PSK Application Example

A WPA(2)-PSK application looks as follows.

1.First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist of between 8 and 63 ASCII characters (including spaces and symbols).

2.The AP checks each wireless client’s password and (only) allows it to join the network if the password matches.

3.The AP derives and distributes keys to the wireless clients.

4.The AP and wireless clients use the TKIP or AES encryption process to encrypt data exchanged between them.

DD	Wireless LANs

Contents

Page Copyright Copyright ©2005 by ZyXEL Communications Corporation Disclaimer Trademarks ZyXEL Limited Warranty NOTE Online Registration Federal Communications Commission (FCC) Interference Statement Notice Caution Certifications Table of Contents Appendix C Management with Wireless Zero Configuration Appendix D Wireless LANs Appendix E Types of EAP Authentication Appendix F Index List of Figures List of Tables List of Tables Getting Started This chapter introduces the G-360and prepares you to use the ZyXEL Utility 1.1About Your G-360 1.2Syntax Conventions 1.3Graphics Icons Key 1.4Application Overview 1.4.1 Infrastructure 1.4.2 Ad-Hoc 1.5G-360Hardware and Utility Installation 1.6Configuration Methods 1.7Accessing the ZyXEL Utility 1.7.1 ZyXEL Utility Screen Summary 1.8Network Connection Methods 1.8.1 Site Survey 360 will be disconnected Figure 1-6Site Survey: Security Settings Figure 1-7Link Info 1.8.2 Profiles Figure 1-9Profile: Add Figure 1-10Profile: Channel Disable WPA WPA2 Ad- Hoc Figure 1-11Profile: Encryption Figure 1-12Profile: Security Back Figure 1-13Profile: Confirm Activate Now Activate Later Figure 1-14Profile: Activate Activating a Profile Only one profile can be activated and used at any given time Activate Figure 1-15Profile Link Info This chapter shows you detailed information about the Link Info screen 2.1Transmission Rate (Transfer Rate) 2.1.1 G-plus 2.2Configuring the Link Info screen Figure 2-1Link Info Table 2-1Link Info Page 2.2.1 Trend Chart Site Survey 3.1Configuring the Site Survey screen Table 3-1Site Survey Security Settings This chapter discusses how to configure wireless security on the G-360 4.1Wireless LAN Security 4.1.1 Data Encryption with WEP 4.2Authentication Type 4.3Configuring Security Settings 4.3.1 WEP Encryption The values for the WEP keys must be set up exactly the same on all wireless devices in the same wireless LAN ASCII WEP keys are case sensitive 4.3.2 WPA-PSK/WPA2-PSK 4.3.3 WPA/WPA2 or You must first have a wired connection to a network and obtain the certificate(s) from a certificate authority (CA) Consult your network administrator for more information Page Profile This chapter describes how to configure and use a profile 5.1Configuring the Profile Screen 5.1.1 Adding a New Profile Figure 5-2Profile: Add New Profile Table 5-2Profile: Add New Profile Page Figure 5-3Profile: Select a Channel Disabled Figure 5-4Profile: Wireless Settings Figure 5-5Profile: Security Settings Exit Figure 5-6Profile: Confirm New Settings is started Figure 5-7Profile: Activate the Profile Page Adapter This chapter discusses OTIST and how to configure the Adapter screen 6.1Introduction to OTIST 6.1.1 Enabling OTIST 6.1.2 Starting OTIST 6.1.3Notes on OTIST 6.2Configuring the Adapter Screen Page Page Maintenance This chapter describes how to uninstall or upgrade the ZyXEL Utility 7.1The About Screen 7.2Uninstalling the ZyXEL Utility 7.3Upgrading the ZyXEL Utility Troubleshooting 8.1Problems Starting the ZyXEL Utility Program 8.2Problem with the Link Status 8.3Problems Communicating With Other Computers 8.4Related Documentation 8.5User Guide Feedback 8.6Customer Support Page Appendix A Product Specifications Page Appendix B Disable Windows XP Wireless LAN Configuration Tool Via the Wireless Network System Tray Icon Wireless Network Connection Advanced… Diagram 2 Windows XP SP1: Wireless Network Connection Change advanced settings Related Tasks Page Via the Control Panel Diagram 6 Windows XP SP1: Wireless Network Connection Status Diagram 7 Windows XP SP2: Wireless Network Connection Status Page Diagram 9 Windows XP SP2: Wireless Network Connection Properties Page Appendix C Management with Wireless Zero Configuration Activating Wireless Zero Configuration Connecting to a Wireless Network Page Page Refresh network list Diagram 14 Windows XP SP2: Wireless Network Connection Chart 2 Windows XP SP2: Wireless Network Connection Refresh Available networks Configure Preferred networks Diagram 15 Windows XP SP1: Wireless Network Connection Properties Connect Anyway Diagram 16 Windows XP SP2: Wireless Network Connection: WEP or WPA-PSK Diagram 17 Windows XP SP2: Wireless Network Connection: No Security Chart 3 Windows XP: Wireless Networks Security Settings Authentication Authentication Wireless (network) properties Diagram 19 Windows XP: Wireless (network) properties: Authentication Chart 5 Windows XP: Wireless (network) properties: Authentication Authentication Properties Wireless (network) properties: Authentication Diagram 20 Windows XP: Protected EAP Properties Chart 6 Windows XP: Protected EAP Properties the certificate(s) from a certificate authority (CA). Consult your network administrator for more information Diagram 21 Windows XP: Smart Card or other Certificate Properties Chart 7 Windows XP: Smart Card or other Certificate Properties Ordering the Preferred Networks Page Diagram 23 Windows XP SP1: Wireless Networks: Preferred Networks Move up Move down Remove Appendix D Wireless LANs Wireless LAN Topologies IEEE WPA(2) Page Diagram 27 WPA(2)-PSKAuthentication Diagram 28 WPA(2) with RADIUS Application Example Appendix E Types of EAP Authentication EAP-MD5 (Message-DigestAlgorithm 5) EAP-TLS(Transport Layer Security) EAP-TTLS(Tunneled Transport Layer Service) LEAP Appendix F Index Online Registration Open authentication mode OTIST See PEAP PEAP