ZyXEL Communications MAX208M User Manual page 66

Wimax indoor gateway

Hide thumbs Also See for MAX208M:

User manual (290 pages)

Quick start manual (14 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

Table of Contents

Chapter 6 WiMAX

This screen contains the following fields:

Table 13 Authentication Settings

LABEL

Authentication

Mode

Data Encryption

AES-CCM

AES-CBC

Key Encryption

AES-key

wrap

AES-ECB

EAP Supplicant

EAP Mode

Anonymous

Server Root

CA Cert File

Server Root

CA Info

Device Cert

File

Device Cert

Info

DESCRIPTION

Select the authentication mode from the list.

The WiMAX Device supports the following authentication modes:

•

No authentication

•

User authentication

•

Device authentication

•

User and device authentication

Select this to enable AES-CCM encryption. CCM combines counter-mode

encryption with CBC-MAC authentication.

Select this to enable AES-CBC encryption. CBC creates message

authentication code from a block cipher.

Select this encapsulate cryptographic keys in a symmetric encryption

algorithm.

Select this to divide cryptographic keys into blocks and encrypt them

separately.

Select an Extensible Authentication Protocol (EAP) mode.

The WiMAX Device supports the following:

•

EAP-TLS - In this protocol, digital certifications are needed by both

the server and the wireless clients for mutual authentication. The

server presents a certificate to the client. After validating the

identity of the server, the client sends a different certificate to the

server. The exchange of certificates is done in the open before a

secured tunnel is created. This makes user identity vulnerable to

passive attacks. A digital certificate is an electronic ID card that

authenticates the sender's identity. However, to implement EAP-TLS,

you need a Certificate Authority (CA) to handle certificates, which

imposes a management overhead.

•

EAP-TTLS - This protocol is an extension of the EAP-TLS

authentication that uses certificates for only the server-side

authentications to establish a secure connection. Client

authentication is then done by sending username and password

through the secure connection, thus client identity is protected. For

client authentication, EAP-TTLS supports EAP methods and legacy

authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP

v2.

Enter the anonymous ID used for EAP supplicant authentication.

Browse for and choose a server root certificate file, if required.

This field displays information about the assigned server root

certificate.

Browse for and choose a device certificate file, if required.

This field displays information about the assigned device certificate.

MAX208M User's Guide

Table of Contents

ZyXEL Communications MAX208M User Manual page 66

Related Manuals for ZyXEL Communications MAX208M

Related Products for ZyXEL Communications MAX208M

Table of Contents