beautypg.com

2 mac address filter, 3 user authentication, 4 encryption – ZyXEL Communications ZyXEL ZyWALL 2WG User Manual

Page 183

background image

Chapter 10 Wireless LAN

ZyWALL 2WG User’s Guide

183

10.6.2 MAC Address Filter

Every wireless client has a unique identification number, called a MAC address.

2

A MAC

address is usually written using twelve hexadecimal characters

3

; for example, 00A0C5000002

or 00:A0:C5:00:00:02. To get the MAC address for each wireless client, see the appropriate
User’s Guide or other documentation.

You can use the MAC address filter to tell the AP which wireless clients are allowed or not
allowed to use the wireless network. If a wireless client is allowed to use the wireless network,
it still has to have the correct settings (SSID, channel, and security). If a wireless client is not
allowed to use the wireless network, it does not matter if it has the correct settings.

This type of security does not protect the information that is sent in the wireless network.
Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized
wireless client. Then, they can use that MAC address to use the wireless network.

10.6.3 User Authentication

You can make every user log in to the wireless network before they can use it. This is called
user authentication. However, every wireless client in the wireless network has to support
IEEE 802.1x to do this.

For wireless networks, there are two typical places to store the user names and passwords for
each user.

• In the AP: this feature is called a local user database or a local database.
• In a RADIUS server: this is a server used in businesses more than in homes.

If your AP does not provide a local user database and if you do not have a RADIUS server,
you cannot set up user names and passwords for your users.

Unauthorized devices can still see the information that is sent in the wireless network, even if
they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless
users to get a valid user name and password. Then, they can use that user name and password
to use the wireless network.

Local user databases also have an additional limitation that is explained in the next section.

10.6.4 Encryption

Wireless networks can use encryption to protect the information that is sent in the wireless
network. Encryption is like a secret code. If you do not know the secret code, you cannot
understand the message.

2.

Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless

networks. These kinds of wireless devices might not have MAC addresses.

3.

Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.

See also other documents in the category ZyXEL Communications Hardware: