Chapter 3 Wireless LANs
N220 User’s Guide
40
• Automatic WEP key generation based on a “password phrase” called a
passphrase. The passphrase is case sensitive. You must use the same
passphrase for all WLAN adapters with this feature in the same WLAN.
For WLAN adapters without the passphrase feature, you can still take advantage
of this feature by writing down the four automatically generated WEP keys from
the Security Settings screen of the ZyXEL utility and entering them manually
as the WEP keys in the other WLAN adapter(s).
•Enter the WEP keys manually.
Your N220 allows you to configure up to four 64-bit or 128-bit WEP keys. Only
one key is used as the default key at any one time.
3.3.1.1.2 Authentication Type
The IEEE 802.11b/g standard describes a simple authentication method between
the wireless stations and AP. Three authentication types are defined: Auto, Open
and Shared.
• Open mode is implemented for ease-of-use and when security is not an issue.
The wireless station and the AP or peer computer do not share a secret key.
Thus the wireless stations can associate with any AP or peer computer and listen
to any transmitted data that is not encrypted.
• Shared mode involves a shared secret key to authenticate the wireless station
to the AP or peer computer. This requires you to enable the wireless LAN
security and use same settings on both the wireless station and the AP or peer
computer.
• Auto authentication mode allows the N220 to switch between the open system
and shared key modes automatically. Use the auto mode if you do not know the
authentication mode of the other wireless stations.
3.3.1.2 IEEE 802.1x
The IEEE 802.1x standard outlines enhanced security methods for both the
authentication of wireless stations and encryption key management.
Authentication can be done using an external RADIUS server.
3.3.1.2.1 EAP Authentication
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on
top of the IEEE 802.1x transport mechanism in order to support multiple types of
user authentication. By using EAP to interact with an EAP-compatible RADIUS
server, an access point helps a wireless station and a RADIUS server perform
authentication.
The type of authentication you use depends on the RADIUS server and an
intermediary AP(s) that supports IEEE 802.1x. The N220 supports EAP-TLS, EAP-
TTLS (at the time of writing, TTLS is not available in Windows Vista) and EAP-
PEAP. Refer to Appendix B on page 131 for descriptions.