User's Manual

ManualsBrandsZyXEL ManualsNetworkingAMG1202-T10A

111

112

113

114

115

116

117

118

119

120

Chapter 8 Wireless LAN

AMG1202-T10A User’s Guide

116

This type of security does not protect the information that is sent in the wireless network.

Furthermore, there are ways for unauthorized wireless devices to get the MAC address of an

authorized device. Then, they can use that MAC address to use the wireless network.

8.8.3.3 User Authentication

Authentication is the process of verifying whether a wireless device is allowed to use the wireless

network. You can make every user log in to the wireless network before using it. However, every

device in the wireless network has to support IEEE 802.1x to do this.

For wireless networks, you can store the user names and passwords for each user in a RADIUS

server. This is a server used in businesses more than in homes. If you do not have a RADIUS server,

you cannot set up user names and passwords for your users.

Unauthorized wireless devices can still see the information that is sent in the wireless network,

even if they cannot use the wireless network. Furthermore, there are ways for unauthorized

wireless users to get a valid user name and password. Then, they can use that user name and

password to use the wireless network.

8.8.3.4 Encryption

Wireless networks can use encryption to protect the information that is sent in the wireless

network. Encryption is like a secret code. If you do not know the secret code, you cannot

understand the message.

The types of encryption you can choose depend on the type of authentication. (See Section 8.8.3.3

on page 116 for information about this.)

For example, if the wireless network has a RADIUS server, you can choose WPA or WPA2. If users

do not log in to the wireless network, you can choose no encryption, Static WEP, WPA-PSK, or

WPA2-PSK.

Usually, you should set up the strongest encryption that every device in the wireless network

supports. For example, suppose you have a wireless network with the ZyXEL Device and you do not

have a RADIUS server. Therefore, there is no authentication. Suppose the wireless network has two

devices. Device A only supports WEP, and device B supports WEP and WPA. Therefore, you should

set up Static WEP in the wireless network.

Note: It is recommended that wireless networks use WPA-PSK, WPA, or stronger

encryption. The other types of encryption are better than none at all, but it is still

possible for unauthorized wireless devices to figure out the original information

pretty quickly.

When you select WPA2 or WPA2-PSK in your ZyXEL Device, you can also select an option (WPA

compatible) to support WPA as well. In this case, if some of the devices support WPA and some

Table 40 Types of Encryption for Each Type of Authentication

NO AUTHENTICATION RADIUS SERVER

Weakest No Security WPA

Static WEP

WPA-PSK

Strongest WPA2-PSK WPA2