Manuals / Brands / Computer Equipment / Network Router / ZyXEL Communications / Computer Equipment / Network Router

ZyXEL Communications ZyAIR B-500 6.2Security Parameters Summary, 6.3WEP Overview, 6.3.1 Data Encryption, WEP, WEP, 64-bit, 128-bit, WEP Encryption, Table 6-2Wireless Security Relational Matrix

1 209

Download 209 pages, 5.42 Mb

ZyAIR B-500 Wireless Access Point User’s Guide

6.2Security Parameters Summary

Refer to this table to see what other security parameters you should configure for each Authentication Method/ key management protocol type. You enter manual keys by first selecting 64-bit WEP or 128-bit WEP from the WEP Encryption field and then typing the keys (in ASCII or hexadecimal format) in the key text boxes. MAC address filters are not dependent on how you configure these security features.

Table 6-2 Wireless Security Relational Matrix

AUTHENTICATION	ENCRYPTION	ENTER	IEEE 802.1X
METHOD/ KEY	METHOD	MANUAL KEY
MANAGEMENT PROTOCOL
Open	None	No	Disable

Open	WEP	No	Enable with Dynamic WEP Key

		Yes	Enable without Dynamic WEP Key

		Yes	Disable

Shared	WEP	No	Enable with Dynamic WEP Key

		Yes	Enable without Dynamic WEP Key

		Yes	Disable

WPA	WEP	No	Enable

WPA	TKIP	No	Enable

WPA-PSK	WEP	Yes	Enable

WPA-PSK	TKIP	Yes	Enable

6.3WEP Overview

WEP (Wired Equivalent Privacy) as specified in the IEEE 802.11 standard provides methods for both data encryption and wireless station authentication.

6.3.1 Data Encryption

WEP provides a mechanism for encrypting data using encryption keys. Both the AP and the wireless stations must use the same WEP key to encrypt and decrypt data. Your ZyAIR allows you to configure up to four 64- bit or 128-bit WEP keys, but only one key can be enabled at any one time.

Wireless Security

6-3

Contents

User's Guide Copyright Federal Communications Commission (FCC) Interference Statement ZyXEL Limited Warranty Customer Support Page Table of Contents LOGS Chapter 9 Maintenance Chapter 10 Introducing the SMT Chapter 11 General Setup Chapter 12 LAN Setup Chapter 13 Dial-inUser Setup Chapter 14 SNMP Configuration Chapter 17 Firmware and Configuration File Maintenance A-1 B-1 C-1 Appendix D Wireless LAN and IEEE 802.11 List of Figures Page Page Page List of Tables Page Preface Control Panels Modem User Guide Feedback Part I: OVERVIEW Page Getting to Know Your ZyAIR 1.1Introducing the ZyAIR Wireless Access Point 1.2ZyAIR Features 10/100M Auto-negotiatingEthernet/Fast Ethernet Interface 10/100M Auto-crossoverEthernet/Fast Ethernet Interface 802.11b Wireless LAN Standard Output Power Management Limit the number of Client Connections SSL Passthrough Wireless LAN MAC Address Filtering WEP Encryption Wi-FiProtected Access IEEE 802.1x Network Security SNMP Full Network Management 1.3Applications for the ZyAIR 1.3.1 Internet Access Application 1.3.2 Corporation Network Application Figure 1-2Corporation Network Application Page Introducing the Web Configurator 2.1Accessing the ZyAIR Web Configurator 2.2Resetting the ZyAIR 2.2.1 Method of Restoring Factory-Defaults 2.3Navigating the ZyAIR Web Configurator Page Wizard Setup 3.1Wizard Setup Overview 3.1.1 Channel 3.1.2 ESS ID 3.1.3 WEP Encryption 3.2Wizard Setup: General Setup 3.3Wizard Setup: Wireless LAN 3.4Wizard Setup: Screen Basic Security Table 3-3Wizard 2 : Wireless LAN Setup Extend Security 3.5Wizard Setup: IP Address 3.5.1 IP Address Assignment 3.5.2 IP Address and Subnet Mask Figure 3-3Wizard 3 : IP Address Assignment Table 3-6Wizard 3 : IP Address Assignment You must know the IP address assigned to the ZyAIR (by the DHCP server) to access the ZyAIR again If you change the ZyAIR's IP address, you must use the 3.6Basic Setup Complete Page Part II: SYSTEM, WIRELESS AND IP Page System Screens 4.1System Overview 4.2Configuring General Setup 4.3Configuring Password 4.4Configuring Time Setting Figure 4-3Time Setting Table 4-3Time Setting Page Page Wireless Configuration and Roaming 5.1Wireless LAN Overview 5.1.1 IBSS 5.1.2 BSS 5.1.3 ESS 5.2Wireless LAN Basics 5.2.1 RTS/CTS 5.2.2 Fragmentation Threshold 5.3Preamble Type 5.4Configuring Wireless Figure 5-5Wireless Table 5-1Wireless If you are configuring the ZyAIR from a computer connected to the wireless LAN and you change the ZyAIR’s ESSID or WEP settings, you will lose your wireless connection when you Page 5.5Configuring Roaming 5.5.1 Requirements for Roaming Roaming Figure 5-7Roaming Table 5-2Roaming All APs on the same subnet and the wireless stations must have the Wireless Security 6.1Wireless Security Overview Figure 6-2Wireless Table 6-1Wireless 6.2Security Parameters Summary 6.3WEP Overview 6.3.1 Data Encryption 6.3.2 Authentication 6.4Configuring WEP Encryption Figure 6-4Wireless: Static WEP 6.5Introduction to WPA 6.5.1 User Authentication 6.5.2 Encryption 6.6WPA-PSKApplication Example 6.7Configuring WPA-PSKAuthentication Figure 6-6Wireless: WPA-PSK Table 6-4Wireless: WPA-PSK 6.8Wireless Client WPA Supplicants 6.9WPA with RADIUS Application Example 6.10 Configuring WPA Authentication Figure 6-8Wireless: WPA Table 6-5Wireless: WPA 6.11 802.1x Overview 6.12 Dynamic WEP Key Exchange 6.13 Configuring 802.1x and Dynamic WEP Key Exchange 6.14 Configuring 802.1x and Static WEP Key Exchange Figure 6-10Wireless: 802.1x + Static WEP Table 6-7Wireless: 802.1x + Static WEP 6.15 Configuring Figure 6-11Wireless: 802.1x + No WEP Table 6-8Wireless: 802.1x + No WEP Page 6.16 MAC Filter Figure 6-12MAC Address Filter 6.17 Introduction to RADIUS •Authentication •Accounting Types of RADIUS Messages •Access-Request 6.17.1 EAP Authentication Overview 6.18 Introduction to Local User Database 6.19 Configuring Local User Database Figure 6-14Local User Database 6.20 Configuring RADIUS Figure 6-15RADIUS Table 6-11RADIUS Page IP Screen 7.1Factory Ethernet Defaults 7.2TCP/IP Parameters 7.2.1 IP Address and Subnet Mask 7.3Configuring IP Table 7-1IP Setup Part III: LOGS Page Logs Screens 8.1Configuring View Log 8.2Configuring Log Settings Figure 8-2Log Settings Table 8-2Log Settings Page Page Part IV: MAINTENANCE Page Maintenance 9.1Maintenance Overview 9.2System Status Screen 9.2.1 System Statistics 9.3Association List 9.4Channel Usage Figure 9-4Channel Usage Table 9-4Channel Usage 9.5F/W Upload Screen Table 9-5Firmware Upload Do not turn off the ZyAIR while firmware upload is in progress Firmware Upload in Process Figure 9-6Firmware Upload In Process Figure 9-7Network Temporarily Disconnected 9.6Configuration Screen 9.6.1 Backup Configuration 9.6.2 Restore Configuration 9.6.3 Back to Factory Defaults 9.7Restart Screen Part V: SMT CONFIGURATION Page Introducing the SMT 10.1 Connect to your ZyAIR Using Telnet 10.2 Changing the System Password 10.3 ZyAIR SMT Menu Overview Example Figure 10-3ZyAIR B-500SMT Menu Overview Example 10.4 Navigating the SMT Interface 10.4.1 System Management Terminal Interface Summary Page General Setup 11.1 General Setup 11.1.1 Procedure To Configure Menu Table 11-1Menu 1 General Setup LAN Setup 12.1 LAN Setup 12.2 TCP/IP Ethernet Setup 12.3 Wireless LAN Setup Figure 12-3Menu 3.5 Wireless LAN Setup Table 12-2Menu 3.5 Wireless LAN Setup Page 12.3.1 Configuring MAC Address Filter Figure 12-5Menu 3.5.1 WLAN MAC Address Filter Table 12-3Menu 3.5.1 WLAN MAC Address Filter 12.3.2 Configuring Roaming Table 12-4Menu 3.5.2 Roaming Configuration Dial-inUser Setup 13.1 Dial-inUser Setup Table 13-1Menu 14.1- Edit Dial-inUser SNMP Configuration 14.1 About SNMP 14.2 Supported MIBs 14.3 SNMP Configuration 14.4 SNMP Traps Table 14-2SNMP Traps System Security 15.1 System Security 15.1.1 System Password 15.1.2 Configuring External RADIUS Server Figure 15-3Menu 23.2 System Security : RADIUS Server Table 15-1Menu 23.2 System Security : RADIUS Server 15.1.3 IEEE Figure 15-5Menu 23.4 System Security : IEEE802.1x Table 15-2Menu 23.4 System Security : IEEE802.1x Page Page System Information and Diagnosis 16.1 Overview 16.2 System Status Figure 16-2Menu 24.1 System Maintenance : Status Table 16-1Menu 24.1 System Maintenance : Status 16.3 System Information 16.3.1 System Information 16.3.2 Console Port Speed 16.4 Log and Trace 16.4.1 Viewing Error Log 16.5 Diagnostic Figure 16-8Menu 24.4 System Maintenance : Diagnostic Diagnostic Table 16-3Menu 24.4 System Maintenance Menu : Diagnostic Firmware and Configuration File Maintenance 17.1 Filename Conventions 17.2 Backup Configuration 17.2.1 Backup Configuration Using FTP 17.2.2 Using the FTP command from the DOS Prompt 17.2.3 Backup Configuration Using TFTP 17.2.4 Example: TFTP Command 17.3 Restore Configuration 17.4 Uploading Firmware and Configuration Files 17.4.1 Firmware Upload 17.4.2 Configuration File Upload 17.4.3 Using the FTP command from the DOS Prompt Example 17.4.4 TFTP File Upload 17.4.5 Example: TFTP Command System Maintenance and Information 18.1 Command Interpreter Mode 18.2 Time and Date Setting 18.2.1 Resetting the Time Page Part VI: APPENDICES Page Troubleshooting Problems Starting Up the ZyAIR Problems with the Ethernet Interface Problems with the Password Problems with Telnet Problems with the WLAN Interface Page Brute-ForcePassword Guessing Protection Page Setting up Your Computer’s IP Address Windows 95/98/Me Properties Page Windows 2000/NT/XP Page Page Page Macintosh OS 8/9 Page Macintosh OS Page Page Wireless LAN and IEEE Benefits of a Wireless LAN IEEE Ad-hocWireless LAN Configuration Infrastructure Wireless LAN Configuration Diagram D-2ESS Provides Campus-WideCoverage Page Wireless LAN With IEEE Security Flaws with IEEE Deployment Issues with IEEE Advantages of the IEEE Diagram E-1Sequences for EAP MD5–ChallengeAuthentication Types of EAP Authentication EAP-MD5 (Message-DigestAlgorithm 5) EAP-TLS(Transport Layer Security) EAP-TTLS(Tunneled Transport Layer Service) PEAP (Protected EAP) LEAP IP Subnetting IP Addressing IP Classes Subnet Masks Subnetting Example: Two Subnets Page Example: Four Subnets Example Eight Subnets Subnetting With Class A and Class B Networks Page Command Interpreter Command Syntax Command Usage Page Log Descriptions Chart I-2ICMP Notes Log Commands Log Command Example Page Page Index Page Console Port Speed Log and Trace