ZyXEL Communications AG-200 Computer Drive User Manual


 
ZyXEL AG-200 User’s Guide
WLAN Networking 2-5
Configure the wireless LAN security using the Profile Security Settings screen. If you do not enable any
wireless security on your ZyXEL AG-200, the ZyXEL AG-200’s wireless communications are accessible
to any wireless networking device that is in the coverage area.
2.2.1 Data Encryption with WEP
WEP (Wired Equivalent Privacy) encryption scrambles all data packets transmitted between the ZyXEL
AG-200 and the AP or other wireless stations to keep network communications private. Both the wireless
stations and the access points must use the same WEP key for data encryption and decryption.
There are two ways to create WEP keys in your ZyXEL AG-200.
Automatic WEP key generation based on a “password phrase” called a passphrase. The passphrase
is case sensitive. You must use the same passphrase for all WLAN adapters with this feature in the
same WLAN.
For WLAN adapters without the passphrase feature, you can still take advantage of this feature by
writing down the four automatically generated WEP keys from the Security Settings screen of the
ZyXEL Utility and entering them manually as the WEP keys in the other WLAN adapter(s).
Enter the WEP keys manually.
Your ZyXEL AG-200 allows you to configure up to four 64-bit, 128-bit or 152-bit WEP keys and only one
key is used as the default key at any one time.
2.2.2 IEEE 802.1x
The IEEE 802.1x standard outlines enhanced security methods for both the authentication of wireless
stations and encryption key management. Authentication can be done using an external RADIUS server.
EAP Authentication
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE802.1x
transport mechanism in order to support multiple types of user authentication. By using EAP to interact
with an EAP-compatible RADIUS server, an access point helps a wireless station and a RADIUS server
perform authentication.
The type of authentication you use depends on the RADIUS server and an intermediary AP(s) that supports
IEEE802.1x. The ZyXEL AG-200 supports EAP-TLS, EAP-TTLS and EAP-PEAP.
For EAP-TLS authentication type, you must first have a wired connection to the network and obtain the
certificate(s) from a certificate authority (CA). A certificate (also called digital IDs) can be used to
authenticate users and a CA issues certificates and guarantees the identity of each certificate owner.
2.2.3 WPA
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification draft. Key differences
between WPA and WEP are user authentication and improved data encryption.