manualshive.com logo in svg

ZyXEL Communications Prestige 320W, Поддержка заметок, Страница: 31 / 75

Поделиться
Скачать
ZyXEL Communications Prestige 320W Скачать руководство пользователя страница 31

 

 

P320W Support Notes 

 
 

 

All contents copyright (c) 2005 ZyXEL Communications Corporation.   

31

 

 

 

WEP Configuration 

 

1. Introduction

   

The 802.11 standard describes the communication that occurs in wireless LANs.

 

The Wired Equivalent Privacy (WEP) algorithm is used to protect wireless communication from 

eavesdropping, because wireless transmissions are easier to intercept than transmissions over wired 

networks, and wireless is a shared medium, everything that is transmitted or received over a wireless 

network can be intercepted.

 

WEP relies on a secret key that is shared between a mobile station (e.g. a laptop with a wireless Ethernet 

card) and an access point (i.e. a base station). The secret key is used to encrypt packets before they are 

transmitted, and an integrity check is used to ensure that packages are not modified during the transition. 

Содержание Prestige 320W

Страница 1: ...Prestige 320W 802 11g Wireless Firewall Router Support Notes Version v1 0 September 2005...

Страница 2: ...is PPPoE 51 Does the Prestige support PPPoE 51 How do I know I am using PPPoE 52 Why does my provider use PPPoE 52 Which Internet Applications can I use with the Prestige 52 How can I configure the Pr...

Страница 3: ...What kind of firewall is the P320W 60 Why do you need a firewall when your router has packet filtering and NAT built in 60 What is Denials of Service DoS attack 60 What is Ping of Death attack 61 Wha...

Страница 4: ...ID 67 What is an ESSID 68 How do I secure the data across an Access Point s radio link 68 What is WEP 68 What is the difference between 40 bit and 64 bit WEP 68 What is a WEP key 68 Will 128 bit WEP c...

Страница 5: ...e components needs to be checked before accessing the Internet Before you begin Setting up the Windows Setting up the Prestige router Troubleshooting Before you begin The Prestige is shipped with the...

Страница 6: ...work Protocols and click OK 3 TCP IP Configuration Follow these steps to configure Windows TCP IP In the Control Panel Network window click the TCP IP entry to select it and click Properties button In...

Страница 7: ...browser to configure it 1 Retrieve Prestige Web Please enter the LAN IP address of the Prestige router in the URL location to retrieve the web screen from the Prestige The default LAN IP of the Prest...

Страница 8: ...ght c 2005 ZyXEL Communications Corporation 8 Select Get automatically from ISP if the ISP provides the IP dynamically otherwise select Use Fixed IP address and enter the static IP given by ISP in the...

Страница 9: ...potentially changes each time it is powered on In addition to the servers for specific services SUA supports a default server A service request that does not have a server explicitly designated for it...

Страница 10: ...Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 10 Port numbers for some common services Service Port Number FTP 21 Telnet 23 SMTP 25 DNS Domain Name Server 53 www http W...

Страница 11: ...the WAN IP of the Prestige When the ISP assigns the Prestige a new IP the Prestige must inform the DDNS server the change of this IP so that the server can update its IP to DNS entry Once the IP to D...

Страница 12: ...name that Password Enter the password that the DDNS server gives to you Enable Wildcard Enter the hostname for the wildcard function that the WWW DYNDNS ORG supports Note that Wildcard option is avai...

Страница 13: ...psed SNMP variables are defined using the OSI Abstract Syntax Notation One ASN 1 ASN 1 specifies how a variable is encoded in a transmitted data frame it is very powerful because the encoded data is s...

Страница 14: ...Traversal operations NMSs use these operations to determine which variables a managed device supports and to sequentially gather information from variable tables such as IP routing table in managed de...

Страница 15: ...variables within an agent Trap Used by the agent to inform the NMS of some events The SNMPv1 messages contains two part The first part contains a version and a community name The second part contains...

Страница 16: ...n RFC 1215 If the machine coldstarts the trap will be sent after booting warmStart defined in RFC 1215 If the machine warmstarts the trap will be sent after booting linkDown defined in RFC 1215 If any...

Страница 17: ...reboot for some fatal errors And traps with the message of the fatal code will be sent 4 Configure the Prestige for SNMP The SNMP related settings in Prestige are configured in Management Remote Manag...

Страница 18: ...rmal gateway Thus make your backup gateway as an auxiliary backup of your WAN connection Once Prestige detects it s WAN connectivity is broken Prestige will try to forward outgoing traffic to backup g...

Страница 19: ...ny type of physical networking media wired or wireless UPnP also supports NAT Traversal which can automatically solve many NAT unfriendly problems By UPnP applications assign the dynamic port mappings...

Страница 20: ...ce by URL link So that users can 2 Using UPnP in ZyXEL devices have DHCP client when the device gets connected to the network it will discover DHCP server on network to get an IP address If not then A...

Страница 21: ...xample we will introduce how to e example in this support note You can learn how MSN benefit from NAT traversal feature in UPnP in this application note In the diagram su we don t need to setup NAT ma...

Страница 22: ...Communications Corporation 22 2 After getting IP address you can go to open MSN application on PC and sign in MSN server 3 Start a Video conversation with one online user 4 On the opposite side your p...

Страница 23: ...P320W Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 23 5 Finally your video conversation is achieved...

Страница 24: ...Mode 1 What is Infrastructure mode Infrastructure mode sometimes referred to as Access Point mode is an operating mode of an 802 11b Wi Fi client unit In infrastructure mode the client unit can assoc...

Страница 25: ...Communications Corporation 25 2 Configuration Wireless Access Point to Infrastructure mode using Web configurator To configure Infrastructure mode of your P320W please follow the steps below a From th...

Страница 26: ...please refer to the user s guide for detail or web help located on the page c Finished 3 Configuration Wireless Station to Infrastructure mode To configure Infrastructure mode on your ZyAIR B 100 B 2...

Страница 27: ...ns Corporation 27 3 Select Infrastructure from the operation mode pull down menu fill in an SSID or leave it as any if you wish to connect to any AP than press Apply Change to take effect 4 Click on S...

Страница 28: ...P320W Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 28 5 Double click on the AP you want to associated with...

Страница 29: ...the selected AP with Infrastructure Mode Wireless MAC Address Filtering 1 MAC Filter Overview Users can use MAC Filter as a method to restrict unauthorized stations from accessing the APs ZyXEL s APs...

Страница 30: ...u configure the MAC filter you need to know the MAC address of the client first If not knowing what your MAC address is please enter a command ipconfig all after DOS prompt to get the MAC physical add...

Страница 31: ...less transmissions are easier to intercept than transmissions over wired networks and wireless is a shared medium everything that is transmitted or received over a wireless network can be intercepted...

Страница 32: ...rypt and decrypt the data WEP has defenses against this attack To avoid encrypting two cipher texts with the same key stream an Initialization Vector IV is used to augment the shared WEP key secret ke...

Страница 33: ...eed to specify one of the 4 keys as default Key for data encryption To set up the Access Point you will need to set the one of the following parameters o 64 bit WEP key secret key with 5 characters o...

Страница 34: ...34 Key settings Select one WEP key as default key to encrypt wireless data transmission 3 Setting up the Station 1 Double click on the utility icon in your windows task bar or right click the utility...

Страница 35: ...esn t exist in your task bar click Start Programs IEEE802 11b WLAN Card IEEE802 11b WLAN Card 2 Select the Encryption tab Select encryption type correspond with access point Set up 4 Keys which corres...

Страница 36: ...P320W Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 36...

Страница 37: ...456789ABCD IEEE 802 1x 1 IEEE 802 1x Introduction IEEE 802 1x port based authentication is desired to prevent unauthorized devices clients from gaining access to the network As LANs extend to hotels a...

Страница 38: ...ntrols the physical access to the network based on the authentication status of the client The authenticator acts as an intermediary proxy between the client and the authentication server i e RADIUS s...

Страница 39: ...k behind Wireless AP There are two authentication port state on the AP authorized state and unauthorized state By default the port starts in the unauthorized state While in this state the port disallo...

Страница 40: ...identity of the client and begins relaying authentication messages between supplicant and the authentication server Each supplicant attempting to access the network is uniquely identified by the authe...

Страница 41: ...EAP request identity frame to the 802 1x client to request its identity typically the authenticator sends an initial identity request frame followed by one or more requests for authentication informat...

Страница 42: ...Communications Corporation 42 The EAPOL packet contains the following fields protocol version packet type packet body length and packet body Most of the fields are obvious The packet type can have fou...

Страница 43: ...hen it wants to terminate its 802 1x session EAPOL Key This is used for TLS authentication method The Wireless AP uses this packet to send the calculated WEP key to the supplicant after TLS negotiatio...

Страница 44: ...e wireless AP is the client and the server is the RADIUS server The authenticator includes the RADIUS client which is responsible for encapsulating and decapsulating the Extensible Authentication Prot...

Страница 45: ...EAP frames between the supplicant and the authentication server until authentication succeeds or fails If the authentication succeeds the switch port becomes authorized The specific exchange of EAP fr...

Страница 46: ...is a MAP to RF contour of RF coverage in a particular facility With wireless system it is very difficult to predict the propagation of radio waves and detect the presence of interfering signals Walls...

Страница 47: ...uestion where is wireless coverage needed and where does not and note and take note on the diagram this is information is needed to determine the number of AP required 4 Determine the preliminary acce...

Страница 48: ...t s always a good idea to start with putting the access point at the corner of the room and walk away from the access point in a systematic manner Record down the changes at point where transfer rate...

Страница 49: ...ess point installation spot if wireless service is required from corner of the room 6 Repeat step 1 5 and now you should be able to mark an RF coverage area as illustrated in above picutre 7 You may n...

Страница 50: ...ce area over lap one another So the wireless stations are able to roam For more information please refer to roaming at FAQ Product FAQ What is the P320W 802 11g Wireless Firewall Router The P320W 802...

Страница 51: ...device has an Ethernet port you can use the Prestige Besides if your ISP supports PPPoE you can also use the Prestige because PPPoE had been supported in the Prestige What do I need to use the Prestig...

Страница 52: ...ts a broad range of existing applications and service including authentication accounting secure access and configuration management Which Internet Applications can I use with the Prestige Most common...

Страница 53: ...address is mycompany ispname com Jane and John will be able to send e mail through Prestige Internet Access Sharing Router using jane mycompany ispname com and john mycompany ispname com respectively...

Страница 54: ...tically assign IP and DNS addresses to the clients on the local LAN What network interface does the new Prestige series support The Prestige series support 4 10 100M Ethernet LAN port to connect to th...

Страница 55: ...bsolute maximum of 1 5 Mbps To create the appearance of faster network access service companies plan to store or cache frequently requested web sites and Usenet newsgroups on a server at their head en...

Страница 56: ...to enter that PC s IP in Network WAN Internet Connection Once the MAC is received by the Prestige the WAN MAC will be updated and used for the ISP s authentication 2 Your ISP checks the Host Name Some...

Страница 57: ...DHCP to request an IP address What is DDNS The Dynamic DNS service allows you to alias a dynamic IP address to a static hostname allowing your computer to be more easily accessed from various locatio...

Страница 58: ...stname yourhost dyndns org to be aliased to the same IP address as yourhost dyndns org This feature is useful when there are multiple servers inside and you want users to be able to use things such as...

Страница 59: ...es stateful packet inspection to determine if an inbound connection is allowed through the firewall to the private LAN The P320W supports Network Address Translation NAT which translates the private l...

Страница 60: ...the outbound request for that packet and allowed in Conversely an incoming packet masquerading as a response to a nonexistent outbound request can be blocked 3 The P320W s firewall uses session filter...

Страница 61: ...ood attack SYN attack floods a targeted system with a series of SYN packets Each packet causes the targeted system to issue a SYN ACK response while the targeted system waits for the ACK that follows...

Страница 62: ...st modify the packet headers so that it appears that the packets originate from a trusted host and should be allowed through the router or firewall Wireless FAQ What is a Wireless LAN Wireless LANs pr...

Страница 63: ...ve slower than wired LAN The most popular wired LAN is operated in 100Mbps which is almost 10 times of that of Wireless LAN 10Mbps A faster wired LAN standard 1000Mbps which is 100 times faster become...

Страница 64: ...able and DSL modems What is 802 11a 802 11a the second revision of 802 11 that operates in the unlicensed 5 GHz band and allows transmission rates of up to 54Mbps 802 11a uses OFDM orthogonal frequenc...

Страница 65: ...e connecting printers to computers and connecting modems or hands free kits to mobile phones Does the 802 11 interfere with Bluetooth devices Any time devices are operated in the same frequency band t...

Страница 66: ...icly shared data networks designed to provide coverage in metropolitan areas and along traffic corridors WWANs are owned by a service provider or carrier Data rates are low and charges are based on us...

Страница 67: ...vers an FHSS transmission appears to be short duration impulse noise 802 11 may use FHSS or DSSS Do I need the same kind of antenna on both sides of a link No Provided the antenna is optimally designe...

Страница 68: ...strator to define a set of respective Keys for each wireless network user based on a Key String passed through the WEP encryption algorithm Access is denied by anyone who does not have an assigned key...

Страница 69: ...ks The insertion attacks are based on placing unauthorized devices on the wireless network without going through a security process and review What is Wireless Sniffer An attacker can sniff and captur...

Страница 70: ...nt through the interface auto enables 802 1X and causes the port to begin in the unauthorized state allowing only EAPOL frames to be sent and received through the port The authentication process begin...

Страница 71: ...and Prompt window type ping followed by the Prestige s LAN IP address 192 168 1 1 is the default and then press ENTER The Prestige should reply Use Internet Explorer 6 0 and later or Netscape Navigato...

Страница 72: ...supports to clone the MAC from the first PC the ISP installed to be its WAN MAC To clone the MAC from the PC you need to enter that PC s IP in Network WAN Internet Connection Once the MAC is received...

Страница 73: ...plication is not in the table or it is in the table but still does not work please configure the workstation which runs the applications as the SUA default server and try again 3 If it still does not...

Страница 74: ...ient IP Cornell 1 1 Cu SeeMe None 7648 client IP White Pine 3 1 2 Cu SeeMe 7648 client IP 24032 client IP Default client IP White Pine 4 0 Cu SeeMe 7648 client IP 24032 client IP Default client IP Mic...

Страница 75: ...nd Voice None for Chat File transfer Video and Voice Net2Phone None 6701 client IP Network Time Protocol NTP None 123 server IP Win2k Terminal Server None 3389 server IP Remote Anything None 3996 4000...

Отзывы:

Нет отзывов