Ieee 802.1X; Wpa And Wpa2 - ZyXEL Communications ZyXEL ZyAIR G-120 User Manual

802.11g wireless cardbus card

Hide thumbs Also See for ZyXEL ZyAIR G-120:

User manual (95 pages)

Specifications (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

Table of Contents

ZyXEL G-120 User's Guide

3.2.3.2 IEEE 802.1x

The IEEE 802.1x standard outlines enhanced security methods for both the authentication of

wireless stations and encryption key management. Authentication can be done using an

external RADIUS server.

3.2.3.2.1 EAP Authentication

EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the

IEEE 802.1x transport mechanism in order to support multiple types of user authentication. By

using EAP to interact with an EAP-compatible RADIUS server, an access point helps a

wireless station and a RADIUS server perform authentication.

The type of authentication you use depends on the RADIUS server and an intermediary AP(s)

that supports IEEE 802.1x. The G-120 supports EAP-TLS and EAP-PEAP. Refer to

Appendix D on page 91

For EAP-TLS authentication type, you must first have a wired connection to the network and

obtain the certificate(s) from a certificate authority (CA). A certificate (also called digital IDs)

can be used to authenticate users and a CA issues certificates and guarantees the identity of

each certificate owner.

3.2.3.3 WPA and WPA2

Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE

802.11i) is a wireless security standard that defines stronger encryption, authentication and

key management than WPA.

Key differences between WPA(2) and WEP are improved data encryption and user

authentication.

Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol

(TKIP), Message Integrity Check (MIC) and IEEE 802.1x. WPA and WPA2 use Advanced

Encryption Standard (AES) in the Counter mode with Cipher block chaining Message

authentication code Protocol (CCMP) to offer stronger encryption than TKIP.

If both an AP and the wireless clients support WPA2 and you have an external RADIUS

server, use WPA2 for stronger data encryption. If you don't have an external RADIUS server,

you should use WPA2-PSK (WPA2-Pre-Shared Key) that only requires a single (identical)

password entered into each access point, wireless gateway and wireless client. As long as the

passwords match, a wireless client will be granted access to a WLAN.

If the AP or the wireless clients do not support WPA2, just use WPA or WPA-PSK depending

on whether you have an external RADIUS server or not.

Select WEP only when the AP and/or wireless clients do not support WPA or WPA2. WEP is

less secure than WPA or WPA2.

for descriptions.

Chapter 3 Wireless LAN Network

Table of Contents

Ieee 802.1X; Wpa And Wpa2 - ZyXEL Communications ZyXEL ZyAIR G-120 User Manual

3.2.3.2 IEEE 802.1x

3.2.3.3 WPA and WPA2

Troubleshooting

Related Manuals for ZyXEL Communications ZyXEL ZyAIR G-120

Related Content for ZyXEL Communications ZyXEL ZyAIR G-120

Table of Contents