Encryption; User Authentication; Wpa(2)-Psk Application Example - ZyXEL Communications ZyXEL ZyAIR G-570S User Manual

802.11g wireless access point

Hide thumbs Also See for ZyXEL ZyAIR G-570S:

Quick start manual (4 pages)

Specifications (2 pages)

User manual (154 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

Key differences between WPA(2) and WEP are improved data encryption and user

authentication.

If both an AP and the wireless clients support WPA2 and you have an external RADIUS

server, use WPA2 for stronger data encryption. If you don't have an external RADIUS server,

you should use WPA2-PSK (WPA2-Pre-Shared Key) that only requires a single (identical)

password entered into each access point, wireless gateway and wireless client. As long as the

passwords match, a wireless client will be granted access to a WLAN.

If the AP or the wireless clients do not support WPA2, just use WPA or WPA-PSK depending

on whether you have an external RADIUS server or not.

Select WEP only when the AP and/or wireless clients do not support WPA or WPA2. WEP is

less secure than WPA or WPA2.

6.10.1 Encryption

Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol

(TKIP), Message Integrity Check (MIC) and IEEE 802.1x. In addition to TKIP, WPA2 also

uses Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining

Message authentication code Protocol (CCMP) to offer stronger encryption.

The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same. The only

difference between the two is that WPA-PSK uses a simple common password, instead of

user-specific credentials. The common-password approach makes WPA(2)-PSK susceptible to

brute-force password-guessing attacks but it's still an improvement over WEP as it employs

an easier-to-use, consistent, single, alphanumeric password.

6.10.2 User Authentication

WPA or WPA2 applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to

authenticate wireless clients using an external RADIUS database.

6.11 WPA(2)-PSK Application Example

A WPA(2)-PSK application looks as follows.

1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key

(PSK) must consist of between 8 and 63 ASCII characters (including spaces and

symbols).

2 The AP checks each client's password and (only) allows it to join the network if it

matches its password.

3 The AP derives and distributes keys to the wireless clients.

4 The AP and wireless clients use the TKIP or AES encryption process to encrypt data

exchanged between them.

Chapter 6 Wireless Screens

ZyXEL G-570S User's Guide

Table of Contents

Encryption; User Authentication; Wpa(2)-Psk Application Example - ZyXEL Communications ZyXEL ZyAIR G-570S User Manual

6.10.1 Encryption

6.10.2 User Authentication

6.11 WPA(2)-PSK Application Example

Troubleshooting

Related Manuals for ZyXEL Communications ZyXEL ZyAIR G-570S

Related Content for ZyXEL Communications ZyXEL ZyAIR G-570S

Table of Contents