3-2
SMC EliteConnect WLAN Security System User Guide
3.1 Configuring VPN Security (Airwave Security)
VPN Security (Airwave Security) is a VPN security feature of the WLAN Security
System that allows you to provide strong encryption of data between a client and
the WLAN Access Manager. Airwave Security provides additional security for
data sent over the airwaves, supplanting the relatively insecure Wired Equivalent
Privacy (WEP) of a wireless network.
The WLAN Secure Server offers three choices for encrypting data between a client
and the WLAN Access Manager: PPTP, L2TP/IPSec, and pure IPSec.
3.1.1 Point-to-Point Tunneling Protocol (PPTP)
PPTP is a protocol defined by Microsoft for encrypting network data transfers. Its
advantages include wide availability: it comes pre-installed on all versions of
the Windows operating system, including Windows 9x, Windows ME, Windows
NT, Windows 2000, Windows XP, and Windows CE.
PPTP can use a variety of user-level authentication algorithms, including
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP and
MS-CHAP version 2). The WLAN Security System can use the PPTP user
authentication for its own authentication. In this case, the WLAN Secure Server
login page is not necessary. For encryption, PPTP uses either 40-bit or 128-bit MPPE
(Microsoft Point-to-Point Encryption), which employs the RC4 encryption
algorithm.
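As an added illustration (not part of the SMC guide or the product's code), the sketch below follows the MS-CHAP version 2 key derivation published in RFC 3079 to show what the 40-bit and 128-bit MPPE settings mean for the RC4 key. The function names and the sample PasswordHashHash and NT-Response bytes are hypothetical, constructed values.

```python
import hashlib

# Constants from RFC 3079 (MS-CHAPv2 MPPE key derivation).
MAGIC1 = b"This is the MPPE Master Key"
MAGIC2 = (b"On the client side, this is the send key; "
          b"on the server side, it is the receive key.")
MAGIC3 = (b"On the client side, this is the receive key; "
          b"on the server side, it is the send key.")
PAD1, PAD2 = b"\x00" * 40, b"\xf2" * 40


def master_key(password_hash_hash: bytes, nt_response: bytes) -> bytes:
    """GetMasterKey: 16-byte master key shared by both tunnel ends."""
    return hashlib.sha1(password_hash_hash + nt_response + MAGIC1).digest()[:16]


def session_key(mk: bytes, bits: int, is_send: bool, is_server: bool) -> bytes:
    """Initial MPPE session key for one direction (bits is 40 or 128)."""
    if bits not in (40, 128):
        raise ValueError("the guide lists only 40-bit and 128-bit MPPE")
    length = 16 if bits == 128 else 8
    # Client-send and server-receive share MAGIC2; the reverse uses MAGIC3.
    magic = MAGIC3 if is_send == is_server else MAGIC2
    start = hashlib.sha1(mk + PAD1 + magic + PAD2).digest()[:length]
    key = bytearray(hashlib.sha1(start + PAD1 + start + PAD2).digest()[:length])
    if bits == 40:
        # The 40-bit option overwrites three of the eight key bytes with
        # public constants, leaving 5 secret bytes (40 bits) for RC4.
        key[0:3] = b"\xd1\x26\x9e"
    return bytes(key)


def secret_bits(key: bytes, bits: int) -> int:
    """Number of key bits an observer does not already know."""
    return (len(key) - 3) * 8 if bits == 40 else len(key) * 8


# Constructed sample inputs, not real credentials or captured traffic.
SAMPLE_HASH_HASH = bytes(range(16))    # stands in for MD4(MD4(password))
SAMPLE_NT_RESPONSE = bytes(range(24))  # stands in for the 24-byte NT-Response

if __name__ == "__main__":
    mk = master_key(SAMPLE_HASH_HASH, SAMPLE_NT_RESPONSE)
    for bits in (40, 128):
        k = session_key(mk, bits, is_send=True, is_server=False)
        print(f"{bits}-bit MPPE: key={k.hex()} secret bits={secret_bits(k, bits)}")
```

Both key lengths are derived from the same authentication exchange, so the 128-bit setting is the stronger choice wherever the client supports it.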
3.1.2 L2TP/IPSec
L2TP/IPSec is also a Microsoft protocol. It uses the standard IPSec (IP Security)
protocol to encrypt network communications and uses L2TP, an updated and more
secure version of PPTP, for IP address management and user-level authentication.
L2TP clients are pre-installed on Windows 2000 and Windows XP operating
systems.
L2TP can use the same user-level authentication algorithms as PPTP: MS-CHAP
and MS-CHAPv2. As with PPTP, the WLAN Security System can use the L2TP user
authentication as its own authentication. L2TP does not itself provide for any data
encryption; instead, it uses IPSec to encrypt data; see IPSec.
Both PPTP and L2TP were originally designed as a means for remote users,
typically the traveling business person, to access their home network while on the
road. As such, both protocols include IP address assignment features that are not
really necessary in a wireless environment. Both protocols also include facilities for
user-level authentication and for non-IP protocols.