ParkerVision WR3000 Network Router User Manual


 
WR3000 4-Port Wireless DSL/Cable Router
®
54
7.6.1 EAP Authentication Overview - Continued
The type of authentication you use depends on the RADIUS server or the AP. The WR3000
Wireless Router supports EAP-TLS, EAP-TTLS and DEAP with RADIUS. Refer to the Types of
EAP Authentication appendix for descriptions on the four common types.
Your WR3000 Wireless Router supports EAP-MD5 (Message-Digest Algorithm 5) with the local
user database and RADIUS. The following fi gure shows an overview of authentication when you
specify a RADIUS server on your Wireless Router.
The details below provide a general description of how IEEE 802. lx EAP authentication works.
For an example list of EAP-MD5 authentication steps, see the IEEE 802.lx appendix.
• The wireless station sends a “start” message to the WR3000 Wireless Router.
• The WR3000 Wireless Router sends a “request identity” message to the wireless station for
identity information.
• The wireless station replies with identity information, including username and password.
• The RADIUS server checks the user information against its user profi le database and
determines whether or not to authenticate the wireless station.
7.7 Dynamic WEP Key Exchange
The AP maps a unique key that is generated with the RADIUS server. This key expires when
the wireless connection times out, disconnects or reauthentication times out. A new WEP key is
generated each time reauthentication is performed.
If this feature is enabled, it is not necessary to confi gure a default encryption key in the Wireless
screen. You may still confi gure and store keys here, but they will not be used while Dynamic
WEP is enabled.
To use Dynamic WEP, enable and confi gure the RADIUS server (see section 7.11) and enable
Dynamic WEP Key Exchange in the 802.lx screen. Ensure that the wireless station’s EAP type
is confi gured to one of the following:
EAP-TLS
• EAP-TTLS
• PEAP
EAP-MD5 cannot be used with Dynamic WEP Key Exchange.