1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. ME103v4
    5. /
  5. 16
Page 76 / 118 Scroll up to view Page 71 - 75
Reference Manual for the ME103 802.11b ProSafe Wireless Access Point
B-6
Wireless Networking Basics
August 2003
Note:
Some 802.11 access points also support
Use WEP for Authentication Only
(Shared Key
Authentication without data encryption). However, the ME103 does not offer this option.
Key Size
The IEEE 802.11 standard supports two types of WEP encryption: 40-bit and 128-bit.
The 64-bit WEP data encryption method, allows for a five-character (40-bit) input. Additionally,
24 factory-set bits are added to the forty-bit input to generate a 64-bit encryption key. (The 24
factory-set bits are not user-configurable). This encryption key will be used to encrypt/decrypt all
data transmitted via the wireless interface. Some vendors refer to the 64-bit WEP data encryption
as 40-bit WEP data encryption since the user-configurable portion of the encryption key is 40 bits
wide.
The 128-bit WEP data encryption method consists of 104 user-configurable bits. Similar to the
forty-bit WEP data encryption method, the remaining 24 bits are factory set and not user
configurable. Some vendors allow passphrases to be entered instead of the cryptic hexadecimal
characters to ease encryption key entry.
128-bit encryption is stronger than 40-bit encryption, but 128-bit encryption may not be available
outside of the United States due to U.S. export regulations.
When configured for 40-bit encryption, 802.11 products typically support up to four WEP Keys.
Each 40-bit WEP Key is expressed as 5 sets of two hexadecimal digits (0-9 and A-F). For
example, “12 34 56 78 90” is a 40-bit WEP Key.
When configured for 128-bit encryption, 802.11b products typically support four WEP Keys but
some manufacturers support only one 128-bit key. The 128-bit WEP Key is expressed as 13 sets of
two hexadecimal digits (0-9 and A-F). For example, “12 34 56 78 90 AB CD EF 12 34 56 78 90”
is a 128-bit WEP Key.
Note:
Typically, 802.11 access points can store up to four 128-bit WEP Keys but some 802.11
client adapters can only store one. Therefore, make sure that your 802.11 access and client
adapters configurations match.
Page 77 / 118
Reference Manual for the ME103 802.11b ProSafe Wireless Access Point
Wireless Networking Basics
B-7
August 2003
WEP Configuration Options
The WEP settings must match on all 802.11 devices that are within the same wireless network as
identified by the SSID. In general, if your mobile clients will roam between access points, then all
of the 802.11 access points and all of the 802.11 client adapters on the network must have the same
WEP settings.
Note:
Whatever keys you enter for an AP, you must also enter the same keys for the client adapter
in the same order. In other words, WEP key 1 on the AP must match WEP key 1 on the client
adapter, WEP key 2 on the AP must match WEP key 2 on the client adapter, etc.
Note:
The AP and the client adapters can have different default WEP Keys as long as the keys are
in the same order. In other words, the AP can use WEP key 2 as its default key to transmit while a
client adapter can use WEP key 3 as its default key to transmit. The two devices will communicate
as long as the AP’s WEP key 2 is the same as the client’s WEP key 2 and the AP’s WEP key 3 is
the same as the client’s WEP key 3.
Wireless Channels
IEEE 802.11b wireless nodes communicate with each other using radio frequency signals in the
ISM (Industrial, Scientific, and Medical) band between 2.4 GHz and 2.5 GHz. Neighboring
channels are 5 MHz apart. However, due to spread spectrum effect of the signals, a node sending
signals using a particular channel will utilize frequency spectrum 12.5 MHz above and below the
center channel frequency. As a result, two separate wireless networks using neighboring channels
(for example, channel 1 and channel 2) in the same general vicinity will interfere with each other.
Applying two channels that allow the maximum channel separation will decrease the amount of
channel cross-talk, and provide a noticeable performance increase over networks with minimal
channel separation.
Page 78 / 118
Reference Manual for the ME103 802.11b ProSafe Wireless Access Point
B-8
Wireless Networking Basics
August 2003
The radio frequency channels used are listed in
Table B-1
:
Note:
The available channels supported by the wireless products in various countries are different.
The preferred channel separation between the channels in neighboring wireless networks is 25
MHz (5 channels). This means that you can apply up to three different channels within your
wireless network. There are only 11 usable wireless channels in the United States. It is
recommended that you start using channel 1 and grow to use channel 6, and 11 when necessary, as
these three channels do not overlap.
Table B-1.
802.11b Radio Frequency Channels
Channel
Center Frequency
Frequency Spread
1
2412 MHz
2399.5 MHz - 2424.5 MHz
2
2417 MHz
2404.5 MHz - 2429.5 MHz
3
2422 MHz
2409.5 MHz - 2434.5 MHz
4
2427 MHz
2414.5 MHz - 2439.5 MHz
5
2432 MHz
2419.5 MHz - 2444.5 MHz
6
2437 MHz
2424.5 MHz - 2449.5 MHz
7
2442 MHz
2429.5 MHz - 2454.5 MHz
8
2447 MHz
2434.5 MHz - 2459.5 MHz
9
2452 MHz
2439.5 MHz - 2464.5 MHz
10
2457 MHz
2444.5 MHz - 2469.5 MHz
11
2462 MHz
2449.5 MHz - 2474.5 MHz
12
2467 MHz
2454.5 MHz - 2479.5 MHz
13
2472 MHz
2459.5 MHz - 2484.5 MHz
Page 79 / 118
Reference Manual for the ME103 802.11b ProSafe Wireless Access Point
Wireless Networking Basics
B-9
August 2003
Understanding 802.1x Port Based Network Access Control
802.1x is well on its way to becoming an industry standard, and provides an effective wireless
LAN security solution. Windows XP implements 802.1x natively, and the ME103 802.11b
ProSafe Wireless Access Point supports 802.1x. The 802.11i committee is specifying the use of
802.1x to eventually become part of the 802.11 standard.
With 802.11b WEP, all access points and client wireless adapters on a particular wireless LAN
must use the same encryption key. Each sending station encrypts data with a WEP key before
transmission, and the receiving station decrypts it using an identical key. This process reduces the
risk of someone passively monitoring the transmission and gaining access to the data transmitted
over the wireless connections.
However, a major problem with the 802.11 standard is that the keys are cumbersome to change. If
you don't update the WEP keys often, an unauthorized person with a sniffing tool can monitor your
network for less than a day and decode the encrypted messages. In order to use different keys, you
must manually configure each access point and wireless adapter with new keys.
Products based on the 802.11 standard alone offer system administrators no effective method to
update the keys. This might not be too much of concern with a few users, but the job of renewing
keys on larger networks can be a monumental task. As a result, companies either don't use WEP at
all or maintain the same keys for weeks, months, and even years. Both cases significantly heighten
the wireless LAN's vulnerability to eavesdroppers.
IEEE 802.1x offers an effective framework for authenticating and controlling user traffic to a
protected network, as well as dynamically varying encryption keys. 802.1x ties a protocol called
EAP (Extensible Authentication Protocol) to both the wired and wireless LAN media and supports
multiple authentication methods, such as token cards, Kerberos, one-time passwords, certificates,
and public key authentication. For details on EAP specifically, refer to IETF's RFC 2284.
Page 80 / 118
Reference Manual for the ME103 802.11b ProSafe Wireless Access Point
B-10
Wireless Networking Basics
August 2003
1.
The client sends an EAP-start message. This begins a series of message exchanges to
authenticate the client.
2.
The access point replies with an EAP-request identity message.
3.
The client sends an EAP-response packet containing the identity to the authentication server.
4.
The authentication server uses a specific authentication algorithm to verify the client's identity.
This could be through the use of digital certificates or other EAP authentication type.
5.
The authentication server will either send an accept or reject message to the access point.
6.
The access point sends an EAP-success packet (or reject packet) to the client.
7.
If the authentication server accepts the client, then the access point will transition the client's
port to an authorized state and forward additional traffic.
1
2
3
4
5
6
7

Rate

4.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top