ZyXEL Communications ZyAIR B-500 Network Router User Manual


 
ZyAIR B-500 Wireless Access Point User’s Guide
Wireless Security 6-7
Table 6-3 Wireless: Static WEP
LABEL DESCRIPTION
Security
Select Static WEP from the drop-down list.
WEP
Encryption
Select 64-bit WEP or 128-bit WEP to enable data encryption.
Authentication
Method
Select Auto, Open System or Shared Key from the drop-down list box.
If WEP encryption is activated, the default setting is Auto.
ASCII Select this option to enter ASCII characters as the WEP keys.
Hex Select this option to enter hexadecimal characters as the WEP keys.
The preceding “0x” is entered automatically.
Key 1 to
Key 4
The WEP keys are used to encrypt data. Both the ZyAIR and the wireless stations must
use the same WEP key for data transmission.
If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal
characters ("0-9", "A-F").
If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal characters
("0-9", "A-F").
You must configure all four keys, but only one key can be used at any one time. The
default key is key 1.
Apply
Click Apply to save your changes back to the ZyAIR.
Reset
Click Reset to begin configuring this screen afresh.
6.5 Introduction to WPA
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification draft. Key differences
between WPA and WEP are user authentication and improved data encryption.
6.5.1 User Authentication
WPA applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients
using an external RADIUS database. You can’t use the ZyAIR’s Local User Database for WPA
authentication purposes since the Local User Database uses EAP-MD5 which cannot be used to generate
keys. See later in this chapter and the appendices for more information on IEEE 802.1x, RADIUS and EAP.
Therefore, if you don’t have an external RADIUS server you should use WPA-PSK (WPA -Pre-Shared Key)
that only requires a single (identical) password entered into each access point, wireless gateway and wireless
client. As long as the passwords match, a client will be granted access to a WLAN.