1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. ME103v4
    5. /
  5. 17
Page 81 / 118 Scroll up to view Page 76 - 80
Reference Manual for the ME103 802.11b ProSafe Wireless Access Point
Wireless Networking Basics
B-11
August 2003
Initial 802.1x communications begin with an unauthenticated supplicant (i.e., client device)
attempting to connect with an authenticator (i.e., 802.11 access point). The access point responds
by enabling a port for passing only EAP packets from the client to an authentication server located
on the wired side of the access point. The access point blocks all other traffic, such as HTTP,
DHCP, and POP3 packets, until the access point can verify the client's identity using an
authentication server (e.g., RADIUS). Once authenticated, the access point opens the client's port
for other types of traffic.
The basic 802.1x protocol provides effective authentication and can offering dynamic key
management using 802.1x as a delivery mechanism. If configured to implement dynamic key
exchange, the 802.1x authentication server can return session keys to the access point along with
the accept message. The access point uses the session keys to build, sign and encrypt an EAP key
message that is sent to the client immediately after sending the success message. The client can
then use contents of the key message to define applicable encryption keys. In typical 802.1x
implementations, the client can automatically change encryption keys as often as necessary to
minimize the possibility of eavesdroppers having enough time to crack the key in current use.
It's important to note that 802.1x doesn't provide the actual authentication mechanisms. When
using 802.1x, you need to choose an EAP type, such as Transport Layer Security (EAP-TLS) or
EAP Tunneled Transport Layer Security (EAP-TTLS), which defines how the authentication takes
place.
The important part to know at this point is that the software supporting the specific EAP type
resides on the authentication server and within the operating system or application software on the
client devices. The access point acts as a “pass through” for 802.1x messages, which means that
you can specify any EAP type without needing to upgrade an 802.1x-compliant access point. As a
result, you can update the EAP authentication type as newer types become available and your
requirements for security change.
Page 82 / 118
Reference Manual for the ME103 802.11b ProSafe Wireless Access Point
B-12
Wireless Networking Basics
August 2003
Page 83 / 118
Network, Routing, Firewall, and Cabling Basics
C-1
August 2003
Appendix C
Network, Routing, Firewall, and Cabling Basics
This chapter provides an overview of IP networks, routing, and wireless networking.
As you read this document, you may be directed to various RFC documents for further
information. An RFC is a Request For Comment (RFC) published by the Internet Engineering
Task Force (IETF), an open organization that defines the architecture and operation of the Internet.
The RFC documents outline and define the standard protocols and procedures for the Internet. The
documents are listed on the World Wide Web at
www.ietf.org
and are mirrored and indexed at
many other sites worldwide.
Basic Router Concepts
Large amounts of bandwidth can be provided easily and relatively inexpensively in a local area
network (LAN). However, providing high bandwidth between a local network and the Internet can
be very expensive. Because of this expense, Internet access is usually provided by a slower-speed
wide-area network (WAN) link such as a cable or DSL modem. In order to make the best use of the
slower WAN link, a mechanism must be in place for selecting and transmitting only the data traffic
meant for the Internet. The function of selecting and forwarding this data is performed by a router.
Page 84 / 118
Reference Manual for the ME103 802.11b ProSafe Wireless Access Point
C-2
Network, Routing, Firewall, and Cabling Basics
August 2003
What is a Router?
A router is a device that forwards traffic between networks based on network layer information in
the data and on routing tables maintained by the router. In these routing tables, a router builds up a
logical picture of the overall network by gathering and exchanging information with other routers
in the network. Using this information, the router chooses the best path for forwarding network
traffic.
Routers vary in performance and scale, number of routing protocols supported, and types of
physical WAN connection they support. The ME103 802.11b ProSafe Wireless Access Point is a
small office router that routes the IP protocol over a single-user broadband connection.
IP Addresses and the Internet
Because TCP/IP networks are interconnected across the world, every machine on the Internet must
have a unique address to make sure that transmitted data reaches the correct destination. Blocks of
addresses are assigned to organizations by the Internet Assigned Numbers Authority (IANA).
Individual users and small organizations may obtain their addresses either from the IANA or from
an Internet service provider (ISP). You can contact IANA at www.iana.org.
The Internet Protocol (IP) uses a 32-bit address structure. The address is usually written in dot
notation (also called dotted-decimal notation), in which each group of eight bits is written in
decimal form, separated by decimal points.
For example, the following binary address: 11000011
00100010
00001100
00000111
is normally written as: 195.34.12.7
The latter version is easier to remember and easier to enter into your computer.
In addition, the 32 bits of the address are subdivided into two parts. The first part of the address
identifies the network, and the second part identifies the host node or station on the network. The
dividing point may vary depending on the address range and the application.
There are five standard classes of IP addresses. These address classes have different ways of
determining the network and host sections of the address, allowing for different numbers of hosts
on a network. Each address type begins with a unique bit pattern, which is used by the TCP/IP
software to identify the address class. After the address class has been determined, the software
can correctly identify the host section of the address. The follow figure shows the three main
address classes, including network and host sections of the address for each address type.
Page 85 / 118
Reference Manual for the ME103 802.11b ProSafe Wireless Access Point
Network, Routing, Firewall, and Cabling Basics
C-3
August 2003
Figure 6-3:
Three Main Address Classes
The five address classes are:
Class A
Class A addresses can have up to 16,777,214 hosts on a single network. They use an eight-bit
network number and a 24-bit node number. Class A addresses are in this range:
1.x.x.x to 126.x.x.x.
Class B
Class B addresses can have up to 65,354 hosts on a network. A Class B address uses a 16-bit
network number and a 16-bit node number. Class B addresses are in this range:
128.1.x.x to 191.254.x.x.
Class C
Class C addresses can have 254 hosts on a network. Class C addresses use 24 bits for the
network address and eight bits for the node. They are in this range:
192.0.1.x to 223.255.254.x.
Class D
Class D addresses are used for multicasts (messages sent to many hosts). Class D addresses are
in this range:
224.0.0.0 to 239.255.255.255.
Class E
Class E addresses are for experimental use.
7261
Class A
Network
Node
Class B
Class C
Network
Node
Network
Node

Rate

4.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top