beautypg.com

ZyXEL Communications Parental Control Gateway HS100/HS100W User Manual

Page 285

background image

HomeSafe User’s Guide

29-4

System Security

Table 29-2 Menu 23.4 System Security : IEEE802.1x

FIELD DESCRIPTION

PSK

Type a pre-shared key from 8 to 63 case-sensitive ASCII characters (including spaces
and symbols) when you select WPA-PSK in the Key Management Protocol field.

WPA Mixed
Mode

Select Enable to activate WPA mixed mode. Otherwise, select Disable and configure
Group Data Privacy field.

Data Privacy
for
Broadcast/Mult
icast packets

Group Data Privacy allows you to choose TKIP (recommended) or WEP for broadcast
and multicast (“group”) traffic if the Key Management Protocol is WPA and WPA
Mixed Mode is disabled. WEP is used automatically if you have enabled WPA Mixed
Mode.

All unicast traffic is automatically encrypted by TKIP when WPA or WPA-PSK Key
Management Protocol is selected.

WPA
Broadcast/Mult
icast Key
Update Timer

The WPA Group Key Update Timer is the rate at which the AP (if using WPA-PSK
key management) or RADIUS server (if using WPA key management) sends a new
group key out to all clients. The re-keying process is the WPA equivalent of
automatically changing the WEP key for an AP and all stations in a WLAN on a periodic
basis. Setting of the WPA Group Key Update Timer is also supported in WPA-PSK
mode. The HomeSafe default is 1800 seconds (30 minutes).

Authentication
Databases

The authentication database contains wireless station login information. The local user
database is the built-in database on the HomeSafe. The RADIUS is an external server.
Use this field to decide which database the HomeSafe should use (first) to authenticate
a wireless station.

Before you specify the priority, make sure you have set up the corresponding database
correctly first.

When you configure Key Management Protocol to WPA, the Authentication
Databases must be RADIUS Only. You can only use the Local User Database with
802.1x Key Management Protocol.

Select Local User Database Only to have the HomeSafe just check the built-in user
database on the HomeSafe for a wireless station's username and password.

Select RADIUS Only to have the HomeSafe just check the user database on the
specified RADIUS server for a wireless station's username and password.

Select Local first, then RADIUS to have the HomeSafe first check the user database
on the HomeSafe for a wireless station's username and password. If the user name is
not found, the HomeSafe then checks the user database on the specified RADIUS
server.

Select RADIUS first, then Local to have the HomeSafe first check the user database
on the specified RADIUS server for a wireless station's username and password. If the
HomeSafe cannot reach the RADIUS server, the HomeSafe then checks the local user
database on the HomeSafe. When the user name is not found or password does not
match in the RADIUS server, the HomeSafe will not check the local user database and
the authentication fails.

When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to
cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen.

Once you enable user authentication, you need to specify an external RADIUS server or create
local user accounts on the HomeSafe for authentication.

See also other documents in the category ZyXEL Communications Hardware: