Types of Authentication, 247 | ZyXEL Communications NBG-417N

Appendix D Wireless LANs

Types of RADIUS Messages

The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user authentication:

•Access-Request

Sent by an access point requesting authentication.

•Access-Reject

Sent by a RADIUS server rejecting access.

•Access-Accept

Sent by a RADIUS server allowing access.

•Access-Challenge

Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access-Request message.

The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting:

•Accounting-Request

Sent by the access point requesting accounting.

•Accounting-Response

Sent by the RADIUS server to indicate that it has started or stopped accounting.

In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access.

Types of Authentication

This appendix discusses some popular authentication types: EAP-MD5, EAP-TLS, EAP-TTLS, PEAP and LEAP.

The type of authentication you use depends on the RADIUS server or the AP. Consult your network administrator for more information.

EAP-MD5 (Message-Digest Algorithm 5)

MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless station. The wireless station ‘proves’ that it knows the password by encrypting the password with the challenge and sends back the information. Password is not sent in plain text.

NBG-417N User’s Guide

247

Image 247

ZyXEL Communications NBG-417N Types of Authentication, 247, Types of Radius Messages, EAP-MD5 Message-Digest Algorithm

Contents

NBG-417N Page Related Documentation About This Users GuideIntended Audience Tips for Reading User’s Guides On-Screen Need More Help? Documentation Feedback Customer Support Syntax Conventions Document Conventions Icons Used in Figures Safety Warnings Contents Overview Contents Overview NBG-417N User’s Guide Table of Contents Part II Network 111 Part III Security 143 Part V Maintenance and Troubleshooting 169 Part VI Appendices and Index Table of Contents NBG-417N User’s Guide Part Page Overview Getting to Know Your NBG-417NApplications Good Habits for Managing the NBG-417N Ways to Manage the NBG-417NLEDs Wlan / WPS PowerFront Panel LEDs and WPS Button LED Color Status Description Getting to Know Your NBG-417N NBG-417N User’s Guide Overview WPS Button WPS Button NBG-417N User’s Guide Accessing the Web Configurator Introducing the Web Configurator Change Password Screen Navigating the Web Configurator Resetting the NBG-417NProcedure to Use the Reset Button Status Screen Icon Key Status Screen Router ModeIcon Description WPS Web Configurator Status Screen Router ModeLabel Description Dhcp Link TAB Function Navigation Panel NAT Screens SummaryLAN WDS WWW Summary Dhcp TableMgmt Summary Packet Statistics Summary Packet Statistics Summary Wlan Station Status Summary Wireless Association List This is the index number of an associated wireless station Introducing the Web Configurator NBG-417N User’s Guide Connection Wizard Wizard Setup System Name Connection Wizard System Information Wizard System Information Domain Name Ssid Connection Wizard Wireless LAN Extend WPA-PSK or WPA2-PSK Security Connection Wizard Internet Configuration Pptp Ethernet ConnectionPPPoE Connection Connection Description Type Wizard PPPoE Connection Wizard Pptp Connection Pptp Connection Wizard Your IP Address Your IP Address IP Address and Subnet Mask WAN IP Address AssignmentPrivate IP Address Ranges DNS Server Address Assignment Wizard WAN IP and DNS Server Addresses WAN IP and DNS Server Address Assignment Wizard WAN MAC Address WAN MAC Address Connection Wizard Complete Connection Wizard Complete Setting your NBG-417N to AP Mode AP Mode Maintenance Sys OP Mode General Status Screen AP Mode Wlan Label Menu AP Mode Configuring Your Settings Wlan and Maintenance Settings LAN SettingsLAN IP Logging in to the Web Configurator in AP Mode AP Mode NBG-417N User’s Guide Tutorials How to Connect to the Internet from an AP Push Button Configuration PBC NBG-417N Example WPS Process PIN Method WPA-PSK Tutorial Network Wireless LAN General Configure Your Notebook Connecting a Wireless Client to a Wireless Network t Bandwidth Management for your Network Configuring Bandwidth Management by Application Tutorial Priority Queue Configuring Bandwidth Management by Custom Application FTP Configuring Bandwidth Allocation by IP or IP RangeRtsp VDO Live Fields Services Real Audio Rtsp VDO Live FTP Services and ValuesWAN LAN IP Tutorials NBG-417N User’s Guide Network Page Example of a Wireless Network Wireless LAN What You Can Do Wireless Security OverviewWhat You Should Know Ssid WPA-PSK WPA2-PSK Types of Encryption for Each Type of AuthenticationNo Authentication Radius Server WPA Network Wireless LAN General General Wireless LAN Screen WPA2-PSK are available in this field No Security WEP Encryption Network Wireless LAN General No Security Ascii WEP WPA-PSK/WPA2-PSK MAC Filter Security Mode field MAC Network Wireless LAN MAC Filter RTS/CTS Wireless LAN Advanced ScreenDtim CTS Quality of Service QoS Screen Network Wireless LAN QoS Network Wireless LAN QoS Application Priority Configuration Application Priority Configuration FTP WPS Screen Network Wireless LAN WPS Scheduling Screen WPS Station Screen Whole day Network Wireless LAN Scheduling WDS Screen Network Wireless LAN WDS Between the NBG-417N and any wireless clients Security Mode Static WEP ASCII/HEX Method Shared Key Network Wireless LAN WDS WPA-PSK/WPA2-PSK Security Mode WPA-PSK/WPA2-PSK Wireless LAN NBG-417N User’s Guide WAN What You Need To Know Configuring Your Internet Connection100 101 MulticastWAN MAC Address Auto-Bridge NetBIOS over TCP/IP102 Ethernet Encapsulation Internet Connection103 104 PPPoE EncapsulationWAN MAC Network WAN Internet Connection PPPoE Encapsulation 105 106 Pptp Encapsulation Network WAN Internet Connection Pptp Encapsulation 107 WAN MAC Address 108 109 Advanced WAN Screen 110 111 LAN LAN TCP/IP IP Pool Setup112 113 LAN IP Screen 114 115 Dhcp Server Advanced Screen General Screen116 Network Dhcp Server Advanced 117 118 Client List Screen Network Dhcp Server Client List 119 120 121 Network Address Translation NAT 122 General NAT Screen 123 NAT Application Screen Network NAT Application 124 125 126 NAT Advanced Screen 127 Trigger Port Forwarding Example 128 Two Points To Remember About Trigger Ports DynDNS Wildcard Dynamic DNS129 130 Dynamic DNS ScreenDNS 131 132 133 Part 134 135 Firewall 136 About the NBG-417N Firewall General Firewall Screen Services Screen137 Icmp 138 139 Content FilteringContent Filtering Profiles Restrict Web Features 140 Filter ScreenKeyword Blocking URL Checking Domain Name or IP Address URL Checking Technical ReferenceCustomizing Keyword Blocking URL Checking 141 Full Path URL Checking 142File Name URL Checking 143 Management 144 145 Static Route 146 IP Static Route Screen 147 Static Route Setup Screen 148 149 Bandwidth Management 150 General Configuration 151 Advanced Configuration Management Bandwidth Mgmt Advanced 152 You can either leave the second port field blank or enter 153Same port number again Priority Levels User Defined Service Rule Configuration154 155 Predefined Bandwidth Management ServicesMedia Bandwidth Management Setup Services Service Description 156 Services and Port Numbers 157 Remote Management 158 System TimeoutRemote Management Limitations Remote Management and NAT 159 WWW Screen 160 NAT Traversal How do I know if Im using UPnP?Universal Plug-and-Play UPnP 161 162 UPnP Screen 163 Using UPnP in Windows XP Example Network Connections 164 165 Internet Connection Properties Advanced Settings 166 Web Configurator Easy Access Network Connections My Network Places 167 Network Connections My Network Places Properties Example 168 169 Maintenance Troubleshooting 170 System General Screen System171 172 173 Time Setting Screen Select User Defined Time Server Address and enter the IP 174 175 176 177 Logs 178 View Log Screen Firmware Upload Screen Tools179 180 Maintenance Tools Firmware Network Temporarily Disconnected Upload Error Message Backup Configuration Configuration Screen182 Maintenance Restore Configuration Restore Configuration183 Restart Screen Back to Factory Defaults184 185 Sys OP ModeRouter 186 IP Address in AP Mode 187 Maintenance Sys Op Mode General AP 188 Language Screen Language189 190 Power, Hardware Connections, and LEDs Troubleshooting191 192 NBG-417N Access and Login Advanced Suggestions 193 194 Internet Access 195 Resetting the NBG-417N to Its Factory Defaults 196 Wireless Router/AP Troubleshooting 197 Can access the Web Configurator after I switched to AP mode 198 PWR, LAN1-4, WAN, WLAN/WPS Product SpecificationsHardware Features 199 200 Firmware FeaturesSuch as microwave ovens, wireless phones Bluetooth enabled devices, and other wireless LANs 201 202 203 Appendices Index 204 Structure Introduction to IP Addresses205 1ST 2ND 3RD 4TH Octet Subnet Masks206 Subnet Mask Identifying Network Number Binary 1ST 2ND 3RD 4TH Decimal Octet 207Network Size Subnet Masks Alternative Subnet Mask Notation Notation208 Maximum Host Numbers 209 Subnetting 210 Example Four Subnets IP/SUBNET Mask Network Number Last Octet BIT Value 211 Subnet Planning Example Eight Subnets212 NO. Borrowed Subnet Mask NO. Hosts PER Host Bits Subnets Configuring IP Addresses213 16-bit Network Number Subnet Planning Private IP Addresses 214 Internet Explorer Pop-up Blockers Disable pop-up Blockers215 216 Enable pop-up Blockers with Exceptions 217 Select Settings…to open the Pop-up Blocker Settings screen 218 JavaScripts Internet Options Security 219 220 Java Permissions Java Sun 221 Java Sun 222 223 Setting up Your Computer’s IP Address Windows 95/98/Me Installing Components224 225 Configuring 226 Verifying Settings 227 Windows 2000/NT/XP Windows XP Control Panel 228 Windows XP Local Area Connection Properties 229 Windows XP Internet Protocol TCP/IP Properties 230 Windows XP Advanced TCP/IP Properties 231 232 233 Macintosh OS 8/9 Macintosh OS 8/9 TCP/IP 234 235 Macintosh OS Linux Using the K Desktop Environment KDE236 Red Hat 9.0 KDE Ethernet Device General 237 238 Using Configuration Files Red Hat 9.0 DNS Settings in resolv.conf Red Hat 9.0 Static IP Address Setting in ifconfig-eth0 240 Verifying Settings Ad-hoc Wireless LAN Configuration Wireless LAN Topologies241 242 Basic Service Set 243 Channel RTS/CTS 244 245 Ieee 802.11g Wireless LANFragmentation Threshold Preamble Type Data Rate Modulation Mbps Ieee246 Ieee 802.11g EAP-MD5 Message-Digest Algorithm Types of Authentication247 Types of Radius Messages Peap Protected EAP EAP-TTLS Tunneled Transport Layer Service248 EAP-TLS Transport Layer Security Encryption Comparison of EAP Authentication TypesWPA2 249 250 User Authentication 25.0.3 WPA2 with Radius Application Example 25.0.2 WPA2-PSK Application Example251 252 Wireless Security Relational MatrixAuthentication Encryptio Enter METHOD/ KEY Security Parameters Summary 253 Examples of ServicesName Protocol Ports Description 254 255 256 Disclaimer CopyrightCertifications 257 FCC Radiation Exposure Statement 258Industry Canada Statement IC Radiation Exposure Statement 259Viewing Certifications End-User License Agreement for NBG-417N 260 ZyXEL Limited WarrantyRegistration 261 262 263 264 265 Index Essid 266 Radius 267 Ssid 31, 55, 76 268 269 270