Configure
802.1x and WPA
●
What is the WPA Functionality?
●
Configuration for Access Point
●
●
Introduction
What is WPA Functionality?
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification draft. Key differences between WAP and WEP are user authentication and
improved data encryption WAP applies IEEE 802.1x Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database.
You can not use the ZyAIR's local user database for WPA authentication purpose since the local user database uses MD5 EAP which can not to generate keys.
WPA improves data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check and IEEE 802.1x. Temporal Key Integrity Protocol
uses 128-bits keys that are dynamically generated and distributed by the authentication server. It includes a per-packet key mixing function, a Message Integrity
Check (MIC) named Michael, an extend initialization vector (IV) with sequencing rules and a re-keying mechanism.
If you do not have an external RADIUS, server, you should use WPA-PSK (WPA Pre-Share Key) that only requires a single (identical) password entered into each
access point, wireless gateway and wireless client. As long as the password match, a client will be granted access to a WLAN.
Here comes WPA-PSK Application example for your reference.
●
Configuration for Access point
The IEEE 802.1x standard outlines enhanced security methods for both the authentication of wireless stations and encryption key management. Authentication
cabn be done using local user database internal to the ZyAIR (authenticate up to 32 users) or an external RADIUS server for an unlimited number of users.
1. To change your ZyAIR's authentication settings, click the wireless Wireless link under Advanced.
2. Select 802.1x/WPA tab.
3. choose Authentication Required from the Wireless Port Control.
4. Select the WAP-PSK in the Key Management Protocol field.
5. Type the Pre Shared Key in the Pre-Shared Key field.
6. Click Apply to finish.