![background image](http://html1.mh-extra.com/html/zyxel-communications/p-660h-61/p-660h-61_user-manual_944041333.webp)
Appendix D Wireless LANs
ADSL Router Series User’s Guide
333
RADIUS is a simple package exchange in which your AP acts as a message relay between the
wireless client and the network RADIUS server.
Types of RADIUS Messages
The following types of RADIUS messages are exchanged between the access point and the RADIUS
server for user authentication:
• Access-Request
Sent by an access point requesting authentication.
• Access-Reject
Sent by a RADIUS server rejecting access.
• Access-Accept
Sent by a RADIUS server allowing access.
• Access-Challenge
Sent by a RADIUS server requesting more information in order to allow access. The access point
sends a proper response from the user and then sends another Access-Request message.
The following types of RADIUS messages are exchanged between the access point and the RADIUS
server for user accounting:
• Accounting-Request
Sent by the access point requesting accounting.
• Accounting-Response
Sent by the RADIUS server to indicate that it has started or stopped accounting.
In order to ensure network security, the access point and the RADIUS server use a shared secret
key, which is a password, they both know. The key is not sent over the network. In addition to the
shared key, password information exchanged is also encrypted to protect the network from
unauthorized access.
Types of EAP Authentication
This section discusses some popular authentication types: EAP-MD5, EAP-TLS, EAP-TTLS, PEAP and
LEAP. Your wireless LAN device may not support all authentication types.
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE
802.1x transport mechanism in order to support multiple types of user authentication. By using EAP
to interact with an EAP-compatible RADIUS server, an access point helps a wireless station and a
RADIUS server perform authentication.
The type of authentication you use depends on the RADIUS server and an intermediary AP(s) that
supports IEEE 802.1x.
For EAP-TLS authentication type, you must first have a wired connection to the network and obtain
the certificate(s) from a certificate authority (CA). A certificate (also called digital IDs) can be used
to authenticate users and a CA issues certificates and guarantees the identity of each certificate
owner.
Summary of Contents for P-660H-61
Page 2: ......
Page 6: ...Document Conventions ADSL Router Series User s Guide 6 Server Firewall Telephone Router Switch...
Page 8: ...Safety Warnings ADSL Router Series User s Guide 8...
Page 10: ...Contents Overview ADSL Router Series User s Guide 10...
Page 20: ...Table of Contents ADSL Router Series User s Guide 20...
Page 21: ...21 PART I User s Guide...
Page 22: ...22...
Page 28: ...Chapter 1 Introduction ADSL Router Series User s Guide 28...
Page 40: ...Chapter 3 Status Screens ADSL Router Series User s Guide 40...
Page 76: ...Chapter 4 Tutorials ADSL Router Series User s Guide 76...
Page 77: ...77 PART II Technical Reference...
Page 78: ...78...
Page 150: ...Chapter 8 Wireless LAN ADSL Router Series User s Guide 150...
Page 198: ...Chapter 13 Static Route ADSL Router Series User s Guide 198...
Page 202: ...Chapter 14 Port Binding ADSL Router Series User s Guide 202...
Page 208: ...Chapter 15 802 1Q 1P ADSL Router Series User s Guide 208...
Page 258: ...Chapter 21 Sharing a USB Printer ADSL Router Series User s Guide 258...
Page 262: ...Chapter 22 CWMP ADSL Router Series User s Guide 262...
Page 266: ...Chapter 23 System Settings ADSL Router Series User s Guide 266...
Page 270: ...Chapter 24 Logs ADSL Router Series User s Guide 270...
Page 326: ...Appendix C Pop up Windows JavaScripts and Java Permissions ADSL Router Series User s Guide 326...
Page 340: ...Appendix D Wireless LANs ADSL Router Series User s Guide 340...
Page 350: ...Appendix E IPv6 ADSL Router Series User s Guide 350...
Page 362: ...Appendix G Legal Information ADSL Router Series User s Guide 362...