beautypg.com

4 encryption – ZyXEL Communications 802.11g ADSL 2+ 4-Port Security Gateway HW-D Series User Manual

Page 125

background image

P-662H/HW-D Series User’s Guide

Chapter 7 Wireless LAN

125

For wireless networks, there are two typical places to store the user names and passwords for
each user.

• In the ZyXEL Device: this feature is called a local user database or a local database.
• In a RADIUS server: this is a server used in businesses more than in homes.

If your ZyXEL Device does not provide a local user database and if you do not have a
RADIUS server, you cannot set up user names and passwords for your users.

Unauthorized wireless devices can still see the information that is sent in the wireless network,
even if they cannot use the wireless network. Furthermore, there are ways for unauthorized
wireless users to get a valid user name and password. Then, they can use that user name and
password to use the wireless network.

Local user databases also have an additional limitation that is explained in the next section.

7.2.4 Encryption

Wireless networks can use encryption to protect the information that is sent in the wireless
network. Encryption is like a secret code. If you do not know the secret code, you cannot
understand the message.

The types of encryption you can choose depend on the type of authentication. (See

Section

7.2.3 on page 124

for information about this.)

For example, if the wireless network has a RADIUS server, you can choose IEEE 802.1x,
IEEE 802.1x + Static WEP, IEEE 802.1x + Dynamic WEP, WPA or WPA2. If users do not
log in to the wireless network, you can choose no encryption, Static WEP, WPA-PSK, or
WPA2-PSK.

Usually, you should set up the strongest encryption that every device in the wireless network
supports. For example, suppose you have a wireless network with the ZyXEL Device. The
ZyXEL Device does not have a local user database, and you do not have a RADIUS server.
Therefore, there is no authentication. Suppose the wireless network has two devices. Device A
only supports WEP, and device B supports WEP and WPA. Therefore, you should set up
Static WEP in the wireless network.

Table 35 Types of Encryption for Each Type of Authentication

No Authentication

Local Database

RADIUS Server

Weakest

None

IEEE 802.1x

IEEE 802.1x

Static WEP

IEEE 802.1x + Static WEP

IEEE 802.1x + Static WEP

IEEE 802.1x + Dynamic WEP

WPA-PSK

WPA

Strongest

WPA2-PSK

WPA2

This manual is related to the following products:
See also other documents in the category ZyXEL Communications Hardware: