Chapter 43 Object
ZyWALL USG Series User’s Guide
824
The following table describes the labels in this screen.
Table 309 Configuration > Object > AP Profile > SSID > Security Profile > Add/Edit Security Profile
LABEL DESCRIPTION
Profile Name Enter up to 31 alphanumeric characters for the profile name. This name is only visible in the
Web Configurator and is only for management purposes. Spaces and underscores are
allowed.
Security Mode Select a security mode from the list: none, wep, wpa2, or wpa2-mix.
Fast Roaming
Settings
IEEE 802.11r fast roaming, which is also known as Fast BSS Transition (FT), allows wireless clients
to quickly move from one AP to another in a WiFi network that uses WPA2 with 802.1x
authentication. Information from the original association is passed to the target AP when the
client roams. The client doesn’t need to perform the whole 802.1x authentication process.
Messages exchanged between the target AP and client are reduced and performed using
one of the two methods:
• Over-the-DS: The wireless client communicates with the target AP via the current AP. The
communication is sent to the target AP through the wired Ethernet connection.
• Over-the-Air: The wireless client communicates directly with the target AP.
802.11r Select this to turn on IEEE 802.11r fast roaming on the AP (Zyxel Device). This is good for
wireless clients that transport a lot of real-time interactive traffic, such as voice and video.
Wireless clients should also support WPA2 and fast roaming to associate with the AP (Zyxel
Device) and roam seamlessly.
Radius Server Type Select Internal to use the Zyxel Device’s internal authentication database, or External to use
an external RADIUS server for authentication.
Primary / Secondary
Radius Server
Activate
Select this to have the Zyxel Device use the specified RADIUS server.
Radius Server IP
Address
Enter the IP address of the RADIUS server to be used for authentication.
Radius Server Port Enter the port number of the RADIUS server to be used for authentication.
Radius Server Secret Enter the shared secret password of the RADIUS server to be used for authentication.
MAC Authentication Select this to use an external server or the Zyxel Device’s local database to authenticate
wireless clients by their MAC addresses. Users cannot get an IP address if the MAC
authentication fails.
An external server can use the wireless client’s account (username/password) or Calling
Station ID for MAC authentication. Configure the ones the external server uses.
Delimiter
(Account)
Select the separator the external server uses for the two-character pairs within account
MAC addresses.
Case (Account) Select the case (upper or lower) the external server requires for letters in the account MAC
addresses.
Delimiter (Calling
Station ID)
RADIUS servers can require the MAC address in the Calling Station ID RADIUS attribute.
Select the separator the external server uses for the pairs in calling station MAC addresses.
Case (Calling
Station ID)
Select the case (upper or lower) the external server requires for letters in the calling station
MAC addresses.
802.1X Select this to enable 802.1x secure authentication.
Auth. Method This field is available only when you set the RADIUS server type to Internal.
Select an authentication method if you have created any in the Configuration > Object >
Auth. Method screen.
Reauthenticatio
n Timer
Enter the interval (in seconds) between authentication requests. Enter a 0 for unlimited
requests.
The following fields are available if you set Security Mode to wep.
To Next Page
Loading...
