Chapter 10 WLAN
ZyWALL 5/35/70 Series User’s Guide
223
10.8 WEP Encryption
WEP (Wired Equivalent Privacy) as specified in the IEEE 802.11 standard provides methods
for both data encryption and wireless station authentication. WEP provides a mechanism for
encrypting data using encryption keys. Both the AP and the wireless stations must use the
same WEP key to encrypt and decrypt data. Your ZyWALL allows you to configure up to four
64-bit or 128-bit WEP keys, but only one key can be used at any one time.
10.9 802.1x Overview
The IEEE 802.1x standard outlines enhanced security methods for both the authentication of
wireless stations and encryption key management. Authentication can be done using the local
user database internal to the ZyWALL (authenticate up to 32 users) or an external RADIUS
server for an unlimited number of users.
10.9.1 Introduction to RADIUS
A RADIUS (Remote Authentication Dial In User Service) server enables user authentication,
authorization and accounting. RADIUS is based on a client-sever model that supports
authentication and accounting, where access point is the client and the server is the RADIUS
server. The RADIUS server handles the following tasks among others:
• Authentication
Determines the identity of the users.
• Accounting
Keeps track of the client’s network activity.
RADIUS user is a simple package exchange in which your ZyWALL acts as a message relay
between the wireless station and the network RADIUS server. See RFC 2138 and RFC 2139
for more on RADIUS.
10.9.1.1 Types of RADIUS Messages
The following types of RADIUS messages are exchanged between the access point and the
RADIUS server for user authentication:
• Access-Request
Sent by an access point requesting authentication.
• Access-Reject
Sent by a RADIUS server rejecting access.
• Access-Accept
WPA TKIP No Enable
WPA-PSK TKIP Yes Enable
Table 57 Wireless Security Relational Matrix (continued)
AUTHENTICATION
METHOD/ KEY
MANAGEMENT
PROTOCOL
ENCRYPTION
METHOD
ENTER
MANUAL
KEY
IEEE 802.1X
To Next Page
Loading...
