ZyXEL Communications G-302 User Manual Download Page 64 | Manualshive

Page: 64 / 71

background image

ZyXEL G-302 v3 User’s Guide

64

Appendix C Wireless Security

EAP-TTLS (Tunneled Transport Layer Service)

EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the
server-side authentications to establish a secure connection. Client authentication is then done
by sending username and password through the secure connection, thus client identity is
protected. For client authentication, EAP-TTLS supports EAP methods and legacy
authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2.

PEAP (Protected EAP)

Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection,
then use simple username and password methods through the secured connection to
authenticate the clients, thus hiding client identity. However, PEAP only supports EAP
methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card),
for client authentication. EAP-GTC is implemented only by Cisco.

LEAP

LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE
802.1x.

Dynamic WEP Key Exchange

The AP maps a unique key that is generated with the RADIUS server. This key expires when
the wireless connection times out, disconnects or reauthentication times out. A new WEP key
is generated each time reauthentication is performed.

If this feature is enabled, it is not necessary to configure a default encryption key in the
Wireless screen. You may still configure and store keys here, but they will not be used while
Dynamic WEP is enabled.

Note:

EAP-MD5 cannot be used with Dynamic WEP Key Exchange

For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use
dynamic keys for data encryption. They are often deployed in corporate environments, but for
public deployment, a simple user name and password pair is more practical. The following
table is a comparison of the features of authentication types.

Table 26

Comparison of EAP Authentication Types

EAP-MD5

EAP-TLS

EAP-TTLS

PEAP

LEAP

Mutual Authentication

No

Yes

Yes

Yes

Yes

Certificate – Client

No

Yes

Optional

Optional

No

Certificate – Server

No

Yes

Yes

Yes

No

Dynamic Key Exchange

No

Yes

Yes

Yes

Yes

Credential Integrity

None

Strong

Strong

Strong

Moderate

«
...
62
63
64
65
66
...
»

Summary of Contents for G-302

Page 1: ...ZyXEL G 302 v3 802 11g Wireless PCI Adapter User s Guide Version 2 00 Edition 2 5 2007...

Page 2: ......

Page 3: ...yXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does it co...

Page 4: ...e user is encouraged to try to correct the interference by one or more of the following measures 1 Reorient or relocate the receiving antenna 2 Increase the separation between the equipment and the re...

Page 5: ...This Class B digital apparatus complies with Canadian ICES 003 Cet appareil num rique de la classe B est conforme la norme NMB 003 du Canada This device has been designed to operate with the antennas...

Page 6: ...ent as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fi...

Page 7: ...Modrany Cesk Republika info cz zyxel com 420 241 091 359 DENMARK support zyxel dk 45 39 55 07 00 www zyxel dk ZyXEL Communications A S Columbusvej 2860 Soeborg Denmark sales zyxel dk 45 39 55 07 07 F...

Page 8: ...ort zyxel es 34 902 195 420 www zyxel es ZyXEL Communications Arte 21 5 planta 28033 Madrid Spain sales zyxel es 34 913 005 345 SWEDEN support zyxel se 46 31 744 7700 www zyxel se ZyXEL Communications...

Page 9: ...1 1 1 2 Ad Hoc 18 1 2 G 302 v3 Hardware and Utility Installation 19 1 3 Configuration Methods 19 1 4 Windows XP Users Only 19 1 5 Accessing the ZyXEL Utility 20 1 6 ZyXEL Utility Screen Summary 20 1 7...

Page 10: ...tings 34 3 2 2 1 WEP Encryption 35 3 2 2 2 WPA WPA2 36 3 2 2 3 WPA PSK WPA2 PSK 37 3 2 3 Confirm Save Screen 38 3 3 The Profile Screen 38 3 3 1 Adding a New Profile 40 3 4 The Adapter Screen 44 Chapte...

Page 11: ...en 39 Figure 20 Profile Add New Profile 40 Figure 21 Profile Wireless Setting Select a Channel 41 Figure 22 Profile Security Setting Encryption Type 42 Figure 23 Profile Security Setting 43 Figure 24...

Page 12: ...Windows XP Protected EAP Properties 58 Figure 41 Windows XP Smart Card or other Certificate Properties 59 Figure 42 Windows XP SP2 Wireless Networks Preferred Networks 61 Figure 43 Windows XP SP1 Wir...

Page 13: ...le 13 Adapter 44 Table 14 About 45 Table 15 Troubleshooting Starting ZyXEL Utility 47 Table 16 Troubleshooting Link Quality 47 Table 17 Troubleshooting Communication Problem 48 Table 18 Product Specif...

Page 14: ...ZyXEL G 302 v3 User s Guide 14 List of Tables...

Page 15: ...nal support documentation User Guide Feedback Help us help you E mail all User Guide related comments questions or suggestions for improvement to techwriters zyxel com tw or send regular mail to The T...

Page 16: ...ZyXEL G 302 v3 User s Guide 16 Preface Graphics Icons Key Access Point Computer Notebook Computer Server Internet Cloud Wireless Signal...

Page 17: ...ction Security WEP Wired Equivalent Privacy WPA PSK WPA Wi Fi Protected Access WPA2 PSK and WPA2 Note You can use WPA and WPA2 with the G 302 v3 only in Microsoft Windows XP or Windows 2000 A built in...

Page 18: ...Infrastructure 1 1 1 2 Ad Hoc In case you prefer to set up a small independent wireless workgroup without an AP use the Ad Hoc mode Ad hoc mode does not require an AP or a wired network Two or more wi...

Page 19: ...lient Manager not supplied Refer to the Odyssey Client Manager documentation for more information Note Do NOT use WZC or the Odyssey Client Manager and the ZyXEL utility at the same time 1 4 Windows X...

Page 20: ...of the G 302 v3 Refer to the following table for details Double click on the ZyXEL wireless LAN utility icon in the system tray to open the ZyXEL utility The ZyXEL utility screens are similar in all...

Page 21: ...n insert the G 302 v3 follow the steps below to connect to a network using the Site Survey screen 1 Make sure a wireless network is available and within range 2 Open the ZyXEL utility and click the Si...

Page 22: ...en varies according to the network s encryption method Configure the same security settings as the associated network Note If the selected network is unavailable or security settings are not correct t...

Page 23: ...ZyXEL G 302 v3 User s Guide Chapter 1 Getting Started 23 Figure 9 ZyXEL Utility Link Info...

Page 24: ...ZyXEL G 302 v3 User s Guide 24 Chapter 1 Getting Started...

Page 25: ...drops below a certain level the G 302 v3 automatically switches to a lower transmission data rate Transmission at lower data speeds is usually more reliable When the communication quality improves ag...

Page 26: ...o four 64 bit or 128 bit WEP keys and only one key is used as the default key at any one time 2 2 2 IEEE 802 1x The IEEE 802 1x standard outlines enhanced security methods for both the authentication...

Page 27: ...P Message Integrity Check MIC and IEEE 802 1x WPA and WPA2 use Advanced Encryption Standard AES in the Counter mode with Cipher block chaining Message authentication code Protocol CCMP to offer strong...

Page 28: ...WPA 2 with RADIUS Application Example You need the IP address of the RADIUS server its port number default is 1812 and the RADIUS shared secret A WPA 2 RADIUS application example with an external RAD...

Page 29: ...pted Shared key mode involves a shared secret key to authenticate the wireless station to the AP or peer computer This requires you to enable the wireless LAN security and use same settings on both th...

Page 30: ...ZyXEL G 302 v3 User s Guide 30 Chapter 2 Wireless LAN Network...

Page 31: ...lowing table describes the labels in this screen Table 3 Link Info LABEL DESCRIPTION Wireless Network Status Profile Name This is the name of the profile you are currently using Network Name SSID The...

Page 32: ...a transmission rate in kilobits per second Kbps Receive Rate This field displays the current data receiving rate in kilobits per second Kbps Authentication This field displays the authentication metho...

Page 33: ...Receive This field displays the current data receiving rate in kilobits per second Kbps Table 5 Site Survey LABEL DESCRIPTION Available Network List Click a column heading to sort the entries or deno...

Page 34: ...eless security activated and the security settings are disabled on the G 302 v3 the screen varies according to the encryption method used by the selected network Channel This field displays the channe...

Page 35: ...y Select a default WEP key to use for data encryption The key displays in the field below Key x where x is a number between 1 and 4 Select this option if you want to manually enter the WEP keys Enter...

Page 36: ...mple common password instead of user specific credentials Select the encryption type TKIP or AES for data encryption Refer to Section 2 2 3 on page 27 for more information Authentication Type Select a...

Page 37: ...e Confirm Save screen Refer to Section 3 2 3 on page 38 Exit Click Exit to return to the Site Survey screen without saving Table 7 Security Settings WPA WPA2 LABEL DESCRIPTION Table 8 Security Setting...

Page 38: ...te a profile each time you start the G 302 v3 the G 302 v3 uses the default profile to connect to any available network with security disabled The default profile is a profile that allows you to conne...

Page 39: ...wireless device is in infrastructure mode but the wireless security is deactivated denotes that the wireless device is in Ad Hoc mode and the wireless security is activated denotes that the wireless...

Page 40: ...etwork type Infrastructure or Ad Hoc of the profile Channel This field displays the channel number used by the profile Security This field shows whether data encryption is activated WEP WPA WPA PSK WP...

Page 41: ...wireless networks within the transmission range or denotes that the wireless device is in infrastructure mode and the wireless security is activated denotes that the wireless device is in infrastruct...

Page 42: ...etting Encryption Type 4 The screen varies depending on the encryption method you select in the previous screen The settings must be exactly the same on the APs or other peer wireless computers as the...

Page 43: ...ave and go to the next screen Click Back to return to the previous screen Otherwise click Exit to go back to the Profile screen without saving Figure 24 Profile Confirm New Settings 6 To use this netw...

Page 44: ...ter LABEL DESCRIPTION Adapter Setting Wireless Mode Select 802 11b Only to have the G 302 v3 connect to an IEEE 802 11b wireless device Select 802 11b g Mixed to have the G 302 v3 connect to either an...

Page 45: ...ing table describes the read only fields in this screen 4 2 Uninstalling the ZyXEL Utility Follow the steps below to remove or uninstall the ZyXEL utility from your computer 1 Click Start Programs ZyX...

Page 46: ...e upgrade follow the steps below 1 Download the latest version of the utility from the ZyXEL web site and save the file on your computer 2 Follow the steps in Section 4 2 on page 45 to remove the curr...

Page 47: ...ay vary depending on the version of Windows Install the G 302 v3 in another computer If the error persists you may have a hardware problem In this case you should contact your local vendor The ZyXEL u...

Page 48: ...v3 computer and the associated AP use the same SSID Change the AP and the associated wireless clients to use another radio channel if interference is high Make sure that the computer and the AP share...

Page 49: ...ge 3 3V Weight 45 5g Dimension W 18 mm L 122 mm H 120 mm RADIO SPECIFICATIONS Media Access Protocol IEEE 802 11 Frequency USA FCC Canada 11 Channels 2 412GHz 2 462GHz Europe ETSI 13 Channels 2 412GHz...

Page 50: ...2 v3 User s Guide 50 Appendix A Product Specifications ZyXEL Utility ZyXEL Wireless Configuration Tool Security 64 128 256 bit WEP WPA WPA PSK WPA2 WPA2 PSK IEEE 802 1x Table 18 Product Specifications...

Page 51: ...and download the support patch for WPA from the Microsoft web site Windows XP SP2 screen shots are shown unless otherwise specified Click the help icon in most screens move the cursor to the item that...

Page 52: ...wing table for details 2 Windows XP SP2 In the Wireless Network Connection Status screen click View Wireless Networks to open the Wireless Network Connection screen Figure 32 Windows XP SP2 Wireless N...

Page 53: ...tab to open the Wireless Network Connection Properties screen Figure 33 Windows XP SP1 Wireless Network Connection Status 3 Windows XP SP2 Click Refresh network list to reload and search for availabl...

Page 54: ...wireless network the Wireless Network Connection screen displays You must set the related fields in the Wireless Network Connection screen to the same security settings as the associated AP and click...

Page 55: ...s network list or the connection icon in the Preferred networks or Available networks list The following table describes the connection icons Security Settings When you configure the ZyXEL wireless LA...

Page 56: ...entication method Share Open WPA or WPA PSK used by the selected network Data Encryption This field automatically shows the encryption type TKIP WEP or Disable used by the selected network Network Key...

Page 57: ...K Click OK to save your changes Cancel Click Cancel to leave this screen without saving any changes you may have made Table 22 Windows XP Wireless network properties Association continued LABEL DESCRI...

Page 58: ...nformation is available Select this check box to have the computer send its information to the network for authentication when a user is not logged on Authenticate as guest when user or computer infor...

Page 59: ...tion authority from the list below Note You must first have a wired connection to a network and obtain the certificate s from a certificate authority CA Consult your network administrator for more inf...

Page 60: ...to check the certificate of the authentication server Connect to these servers Select the check box and specify a domain in the field below to have your computer connect to a server which resides only...

Page 61: ...as shown Figure 43 Windows XP SP1 Wireless Networks Preferred Networks 2 Whenever the ZyXEL wireless LAN adapter tries to connect to a new network the new network is added in the Preferred networks ta...

Page 62: ...ZyXEL G 302 v3 User s Guide 62 Appendix B Management with Wireless Zero Configuration...

Page 63: ...asswords the passwords must be stored Thus someone other than the authentication server may access the password file In addition it is possible to impersonate an authentication server as MD5 authentic...

Page 64: ...a Cisco implementation of IEEE 802 1x Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server This key expires when the wireless connection times out disconnects or...

Page 65: ...poral Key Integrity Protocol TKIP Message Integrity Check MIC and IEEE 802 1x WPA and WPA2 use Advanced Encryption Standard AES in the Counter mode with Cipher block chaining Message authentication co...

Page 66: ...ply IEEE 802 1x and Extensible Authentication Protocol EAP to authenticate wireless stations using an external RADIUS database WPA2 reduces the number of key exchange messages from six to four CCMP 4...

Page 67: ...m 1 The AP passes the wireless client s authentication request to the RADIUS server 2 The RADIUS server then checks the user s identification against its database and grants or denies network access a...

Page 68: ...security features Table 27 Wireless Security Relational Matrix AUTHENTICATION METHOD KEY MANAGEMENT PROTOCOL ENCRYPTION METHOD ENTER MANUAL KEY IEEE 802 1X Open None No Disable Enable without Dynamic...

Page 69: ...on method important note 19 Odyssey Client Manager 19 Wireless Zero Configuration WZC 19 ZyXEL Utility 19 connecting to a WLAN 34 Copyright 3 creating a new profile 40 current configuration 31 current...

Page 70: ...y authentication 29 signal strength 34 site survey 33 connecting to a WLAN network 34 scan 34 security settings 34 SSID 31 33 SSID Service Set Identity 25 statistics 32 support CD 15 syntax convention...

Page 71: ...standard 49 wireless station mode configuration 31 WLAN Security parameters 68 WPA 27 36 65 WPA2 27 36 65 WPA2 Pre Shared Key 27 65 WPA2 PSK 27 37 65 WPA PSK 27 37 65 WZC Wireless Zero Configuration...

Reviews:

No comments

Related manuals for G-302

Brand: ICON Pages: 6

POINT I/O 1734-AENT

Brand: Allen-Bradley Pages: 24

Brand: Gira Pages: 2

Brand: Mesa Pages: 3

Brand: NETGEAR Pages: 2

Brand: Solisto Pages: 12

Brand: SWEEX Pages: 8

Brand: Bose Pages: 124

Brand: Fein Pages: 145

Brand: Eminent Pages: 57

Brand: DeLOCK Pages: 16

Wireless LAN Game Adapter W11

Brand: Hama Pages: 4

Brand: ATTO Technology Pages: 2

Brand: ZyXEL Communications Pages: 3

Brand: Asante Pages: 29

Brand: Wiseup Pages: 161

Brand: Renkforce Pages: 4

Brand: Renkforce Pages: 4

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands