Trusted Root Ca - ZyXEL Communications VANTAGE RADIUS 50 Quick Start Manual

Vantage RADIUS 50 Quick Start Guide
MD5 (Message-Digest Algorithm 5)
MD5 authentication is the simplest one-way authentication method. The authentication server sends
a challenge to the wireless station. The wireless station 'proves' that it knows the password by
encrypting the password with the challenge and sends back the information. Password is not sent in
plain text.
PEAP (Protected Extensible Authentication Protocol)
Certificate authentication is used to establish a secure connection, then using simple username and
password methods through the secured connection to authenticate the clients, thus hiding client
identity.
Certificates
Certificates, also called digital Ids are used to authenticate network connections. Certificates are
based on public-private key pairs. A certificate contains the certificate owner's identity and public
key. Certificates provide a way to exchange public keys for use in authentication.
A Certification Authority (CA) issues certificates and guarantees the identity of each certificate
owner. There are commercial certification authorities like CyberTrust or VeriSign and government
certification authorities

5.3 Trusted Root CA

A trusted Root CA is a special kind of certificate that does not require a CA to guarantee
identification. They are also called self-signed certificates and trust is based on knowledge of the
certificates origin. For example, you trust a certificate is from a valid source because you know the
issuer or you trust the service that you are subscribing to.
If you are using MD5 authentication, skip ahead to section 5.4 to set up your Vantage RADIUS for
use with your wireless AP. Otherwise click RADIUS in the main menu and then click ROOT CA
to set up a certificate for use with PEAP authentication.
This certificate is directly downloaded to a computer via an Ethernet connection during a
management session. Clients cannot download the certificate themselves. Therefore the certificate
must be transferred manually to each client wanting to use the network.
9