For wireless networks, user names and passwords can be stored in a RADIUS server. This is a server used in businesses more than in homes. If you do not have a RADIUS server, you cannot set up user names and passwords for your users.
Unauthorized wireless devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to get a valid user name and password. Then, they can use that user name and password to use the wireless network.
Local user databases also have an additional limitation that is explained in the next section.
6.2.4 EncryptionWireless networks can use encryption to protect the information that is sent in the wireless network. Encryption is like a secret code. If you do not know the secret code, you cannot understand the message.
The types of encryption you can choose depend on the type of authentication. (See Section 6.2.3 on page 110 for information about this.)
Table 35 Types of Encryption for Each Type of Authentication
|
| No Authentication | RADIUS Server |
Weakest | No Security |
| |
|
|
|
|
|
| Static WEP |
|
|
|
|
|
|
| WPA | |
|
| ||
|
|
|
|
Strongest | WPA2 | ||
|
|
|
|
For example, if the wireless network has a RADIUS server, you can choose WPA or WPA2. If users do not log in to the wireless network, you can choose no encryption, Static WEP, WPA- PSK, or
Usually, you should set up the strongest encryption that every device in the wireless network supports. For example, suppose you have a wireless network with the ZyXEL Device. The ZyXEL Device does not have a local user database, and you do not have a RADIUS server. Therefore, there is no authentication. Suppose the wireless network has two devices. Device A only supports WEP, and device B supports WEP and WPA. Therefore, you should set up Static WEP in the wireless network.
Note: It is recommended that wireless networks use
It is not possible to use
Chapter 6 Wireless LAN | 111 |