Eap Authentication; Wpa; Encryption - ZyXEL Communications M-102 User Manual
802.11g wireless mimo cardbus card
Hide thumbs
Also See for M-102:
- Quick start manual (2 pages) ,
- Specifications (2 pages) ,
- Declaration of conformity (1 page)
Table of Contents
Advertisement
2.2.2.1 EAP Authentication
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the
IEEE 802.1x transport mechanism in order to support multiple types of user authentication. By
using EAP to interact with an EAP-compatible RADIUS server, an access point helps a
wireless station and a RADIUS server perform authentication.
The type of authentication you use depends on the RADIUS server and an intermediary AP(s)
that supports IEEE 802.1x. The M-102 supports EAP-TLS, EAP-TTLS and EAP-PEAP. Refer
to
Appendix C on page 71
For EAP-TLS authentication type, you must first have a wired connection to the network and
obtain the certificate(s) from a certificate authority (CA). A certificate (also called digital IDs)
can be used to authenticate users and a CA issues certificates and guarantees the identity of
each certificate owner.
2.2.3 WPA
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard.
Key differences between WPA and WEP are improved data encryption and user
authentication.
If both an AP and the wireless clients support WPA and you have an external RADIUS server,
use WPA for stronger data encryption. If you don't have an external RADIUS server, you
should use WPA-PSK (WPA-Pre-Shared Key) that only requires a single (identical) password
entered into each access point, wireless gateway and wireless client. As long as the passwords
match, a wireless client will be granted access to a WLAN.
Select WEP only when the AP and/or wireless clients do not support WPA. WEP is less secure
than WPA.
2.2.3.1 Encryption
WPA improves data encryption by using Temporal Key Integrity Protocol (TKIP), Message
Integrity Check (MIC) and IEEE 802.1x. WPA uses Advanced Encryption Standard (AES) in
the Counter mode with Cipher block chaining Message authentication code Protocol (CCMP)
to offer stronger encryption than TKIP.
The encryption mechanisms used for WPA and WPA-PSK are the same. The only difference
between the two is that WPA-PSK uses a simple common password, instead of user-specific
credentials. The common-password approach makes WPA-PSK susceptible to brute-force
password-guessing attacks but it's still an improvement over WEP as it employs a consistent,
single, alphanumeric password to derive a PMK which is used to generate unique temporal
encryption keys. This prevent all wireless devices sharing the same encryption keys. (a
weakness of WEP)
Chapter 2 Wireless LAN Network
for descriptions.
ZyXEL M-102 User's Guide
29
Advertisement
Table of Contents
Troubleshooting
