5 introduction to wpa – ZyXEL Communications Parental Control Gateway HS100/HS100W User Manual

HomeSafe User’s Guide

7-6

Wireless Security

Table 7-3 WLAN : Wireless : Static WEP Encryption

LABEL DESCRIPTION

Key 1 to Key
4

The WEP keys are used to encrypt data. Both the HomeSafe and the wireless stations
must use the same WEP key for data transmission.

If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal
characters ("0-9", "A-F").
If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal
characters ("0-9", "A-F").

You must configure all four keys, but only one key can be activated at any one time.
The default key is key 1.

Preamble

Select a preamble type from the drop-down list menu. Choices are Long, Short and
Dynamic. The default setting is Dynamic.

See the section on preamble for more information.

802.11 Mode

Select 802.11b Only to allow only IEEE 802.11b compliant WLAN devices to associate
with the HomeSafe.

Select 802.11g Only to allow only IEEE 802.11g compliant WLAN devices to associate
with the HomeSafe.

Select Mixed to allow either IEEE802.11b or IEEE802.11g compliant WLAN devices to
associate with the HomeSafe. The transmission rate of your HomeSafe might be
reduced.

Max. Frame
Burst

Enable Maximum Frame Burst to help eliminate collisions in mixed-mode networks
(networks with both IEEE 802.11g and IEEE 802.11b traffic) and enhance the
performance of both pure IEEE 802.11g and mixed IEEE 802.11b/g networks.
Maximum Frame Burst sets the maximum time, in microseconds, that the HomeSafe
transmits IEEE 802.11g wireless traffic only.

Type the maximum frame burst between 0 and 1800 (650, 1000 or 1800
recommended). Enter 0 to disable this feature. The default is 650.

Apply

Click Apply to save your changes back to the HomeSafe.

Reset

Click Reset to reload the previous configuration for this screen.

7.5 Introduction to WPA

Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification draft. Key
differences between WPA and WEP are user authentication and improved data encryption.

7.5.1 User

Authentication

WPA applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless
clients using an external RADIUS database. You can’t use the HomeSafe’s Local User Database
for WPA authentication purposes since the Local User Database uses EAP MD5, which cannot be
used to generate keys. See later in this chapter and the appendices for more information on IEEE
802.1x, RADIUS and EAP.

Therefore, if you don’t have an external RADIUS server you should use WPA-PSK (WPA -Pre-
Shared Key) that only requires a single (identical) password entered into each access point,
wireless gateway and wireless client. As long as the passwords match, a client will be granted
access to a WLAN.

7.5.2 Encryption

WPA improves data encryption by using Temporal Key Integrity Protocol (TKIP), Message
Integrity Check (MIC) and IEEE 802.1x.