Manuals / Brands / Computer Equipment / Computer Hardware / ZyXEL Communications / Computer Equipment / Computer Hardware

ZyXEL Communications NWD-370N Types of EAP Authentication, APPENDIX C, EAP-MD5 (Message-DigestAlgorithm 5)

1 88

Download 88 pages, 2.44 Mb

ZyXEL NWD-370N User’s Guide

APPENDIX C

Wireless Security

Types of EAP Authentication

This section discusses some popular authentication types: EAP-MD5, EAP-TLS, EAP-TTLS, PEAP and LEAP. Your wireless LAN device may not support all authentication types.

EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE 802.1x transport mechanism in order to support multiple types of user authentication. By using EAP to interact with an EAP-compatible RADIUS server, an access point helps a wireless station and a RADIUS server perform authentication.

The type of authentication you use depends on the RADIUS server and an intermediary AP(s) that supports IEEE 802.1x.

For EAP-TLS authentication type, you must first have a wired connection to the network and obtain the certificate(s) from a certificate authority (CA). A certificate (also called digital IDs) can be used to authenticate users and a CA issues certificates and guarantees the identity of each certificate owner.

EAP-MD5 (Message-Digest Algorithm 5)

MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless station. The wireless station ‘proves’ that it knows the password by encrypting the password with the challenge and sends back the information. Password is not sent in plain text.

However, MD5 authentication has some weaknesses. Since the authentication server needs to get the plaintext passwords, the passwords must be stored. Thus someone other than the authentication server may access the password file. In addition, it is possible to impersonate an authentication server as MD5 authentication method does not perform mutual authentication. Finally, MD5 authentication method does not support data encryption with dynamic session key. You must configure WEP encryption keys for data encryption.

Appendix C

71

Contents

User’s Guide Page Copyright Disclaimer Trademarks Certifications Federal Communications Commission (FCC) Interference Statement FCC Radiation Exposure Statement Notices Viewing Certifications Safety Warnings ZyXEL Limited Warranty Note Registration Customer Support Page Page Table of Contents Maintenance Troubleshooting Appendix A Product Specifications Appendix B List of Figures Page List of Tables Page Preface About This User's Guide Related Documentation User Guide Feedback Syntax Conventions Graphics Icons Key Getting Started 1.1 About Your NWD-370N 1.2 Application Overview 1.2.0.1 Infrastructure 1.2.0.2 Ad-Hoc 1.3 NWD-370NHardware and Utility Installation 1.4 Configuration Methods (All) Programs ZyXEL NWD-370N 1.4.2 Accessing the ZyXEL Utility Page Tutorial 2.1Connecting to a Wireless LAN Scan Available Network List SSID_Example3 Confirm Save 2.2Creating and Using a Profile Add Add New Profile Select Activate Now Activate Later Profile List Edit Wireless LAN Network 3.1 Wireless LAN Overview 3.2Wireless LAN Security 3.2.1.1 WEP 3.2.1.2IEEE 3.2.1.3 WPA and WPA2 Page Wireless Configuration 4.1 ZyXEL Utility Screen Summary 4.2 The Link Info Screen Figure 19 Link Info 4.3 The Site Survey Screen Page 4.3.1.1 WEP Encryption 4.3.1.2 WPA-PSK/WPA2-PSK 4.3.1.3 WPA/WPA2 4.3.1.4 IEEE 4.3.2 Confirm Save Screen 4.4 The Profile Screen Figure 27 Profile Table 13 Profile 4.4.1 Adding a New Profile Page WPA WPA2 WPA-PSK WPA2-PSK DISABLE Page 4.5 The Adapter Screen Page Page Maintenance 5.1 The About Screen 5.2 Uninstalling the ZyXEL Utility 5.3 Upgrading the ZyXEL Utility Troubleshooting 6.1 Problems Starting the ZyXEL Utility 6.2 Problems with the Link Quality 6.3 Problems Communicating With Other Computers APPENDIX A Page Activating Wireless Zero Configuration Connecting to a Wireless Network Properties Wireless Networks Wireless Network Connection Properties Refresh network list Refresh Available networks Configure Preferred Wireless Network Connection Security Settings Page Authentication Authentication Properties Smart Card or other Certificate Properties Ordering the Preferred Networks Move up Move down Remove Page Types of EAP Authentication Dynamic WEP Key Exchange WPA and WPA2 User Authentication WPA(2)-PSKApplication Example WPA(2) with RADIUS Application Example Security Parameters Summary Windows 98/Me Installing Components Configuration Protocol Microsoft manufacturers Configuring IP Address Obtain an IP address automatically Specify an IP address Subnet Mask Windows 2000/XP Network Connections Network and Dial-up Connections 3Right-click Local Area Connection and then click Properties Internet Protocol (TCP/IP) General Use the following IP Address IP address Subnet mask Default gateway Advanced Use the following DNS server addresses Preferred DNS server Alternate DNS server 8Click OK to close the Internet Protocol (TCP/IP) Properties window 9Click OK to close the Local Area Connection Properties window Index