ZyXEL Communications ZyAIR B-500 Network Router User Manual


 
ZyAIR B-500 Wireless Access Point User’s Guide
6-14 Wireless Security
Table 6-5 Wireless: WPA
LABEL DESCRIPTION
ReAuthentication
Timer (in seconds)
Specify how often wireless stations have to reenter usernames and passwords in
order to stay connected. Enter a time interval between 10 and 9999 seconds. The
default time interval is 1800 seconds (30 minutes).
If wireless station authentication is done using a RADIUS
server, the reauthentication timer on the RADIUS server has
priority.
Idle Timeout The ZyAIR automatically disconnects a wireless station from the wired network after
a period of inactivity. The wireless station needs to enter the username and
password again before access to the wired network is allowed. The default time
interval is 3600 seconds (or 1 hour).
WPA Group Key
Update Timer
The WPA Group Key Update Timer is the rate at which the AP (if using WPA-PSK
key management) or RADIUS server (if using WPA key management) sends a new
group key out to all clients. The re-keying process is the WPA equivalent of
automatically changing the WEP key for an AP and all stations in a WLAN on a
periodic basis. Setting of the WPA Group Key Update Timer is also supported in
WPA-PSK mode. The ZyAIR default is 1800 seconds (30 minutes).
6.11 802.1x Overview
The IEEE 802.1x standard outlines enhanced security methods for both the authentication of wireless stations
and encryption key management. Authentication can be done using the local user database internal to the
ZyAIR (authenticate up to 32 users) or an external RADIUS server for an unlimited number of users.
See also the section on RADIUS in this User’s Guide.
6.12 Dynamic WEP Key Exchange
The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless
connection times out, disconnects or reauthentication times out. A new WEP key is generated each time
reauthentication is performed.
If this feature is enabled, it is not necessary to configure a default WEP encryption key in the Wireless
screen. You may still configure and store keys here, but they will not be used while Dynamic WEP is
enabled.
To use Dynamic WEP, enable and configure the RADIUS server (see section 6.20) and enable Dynamic
WEP Key Exchange in the 802.1x screen. Ensure that the wireless station’s EAP type is configured to one of
the following:
EAP-TLS