Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302
B-18
Wireless Networking Basics
202-10078-01
Is WPA Perfect?
WPA is not without its vulnerabilities. Specifically, it is susceptible to denial of service (DoS)
attacks. If the access point receives two data packets that fail the message integrity code (MIC)
check within 60 seconds of each other, it assumes the network is under active attack and employs
countermeasures, which include disassociating each station using the access point. This prevents
an attacker from gleaning information about the encryption key and alerts administrators, but it
also causes users to lose network connectivity for 60 seconds. More than anything else, this shows
that no single security tactic is completely invulnerable. WPA is a definite step forward in WLAN
security over WEP, but it has to be thought of as a single part of an end-to-end network security
strategy.
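The two-failures-in-60-seconds rule above can be checked on the monitoring side from syslog data. The following is an added example, not code from the manual or from NETGEAR; the log line format, the host name `ap1` and the pairing assumption noted in the comments are all constructed for illustration.

```python
import re
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)    # two MIC failures this close together trigger countermeasures
BLACKOUT = timedelta(seconds=60)  # connectivity loss described in the manual

# Constructed sample lines; the format is an assumption, not the WAG302's real syslog output.
SAMPLE_LOG = """\
2004-03-01T10:00:05 ap1 wlan: MIC failure sta=00:0f:b5:aa:bb:01
2004-03-01T10:02:30 ap1 wlan: MIC failure sta=00:0f:b5:aa:bb:02
2004-03-01T10:03:10 ap1 wlan: MIC failure sta=00:0f:b5:aa:bb:02
2004-03-01T10:03:20 ap1 wlan: station associated sta=00:0f:b5:aa:bb:03
2004-03-01T10:09:00 ap1 wlan: MIC failure sta=00:0f:b5:aa:bb:01
"""

LINE_RE = re.compile(r"^(\S+) (\S+) wlan: MIC failure sta=([0-9a-f:]{17})$")


def mic_failures(log_text):
    """Yield (timestamp, ap, station) for each MIC-failure line, skipping everything else."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)


def countermeasure_events(log_text):
    """Return one dict per inferred countermeasure trigger, tracked per access point."""
    last_failure = {}  # ap -> timestamp of the previous unpaired MIC failure
    events = []
    for ts, ap, _sta in sorted(mic_failures(log_text)):
        prev = last_failure.get(ap)
        if prev is not None and ts - prev <= WINDOW:
            events.append({
                "ap": ap,
                "trigger": ts,
                "blackout_until": ts + BLACKOUT,
                "seconds_apart": int((ts - prev).total_seconds()),
            })
            last_failure.pop(ap)  # assumption: the pair is consumed and counting starts over
        else:
            last_failure[ap] = ts
    return events
```

Each returned event marks a 60-second window in which every station on that access point was disconnected, which is the figure to alert on and to correlate with user outage reports.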
Product Support for WPA
Starting in August, 2003, NETGEAR, Inc. wireless Wi-Fi certified products will support the WPA
standard. NETGEAR, Inc. wireless products that had their Wi-Fi certification approved before
August, 2003 will have one year to add WPA so as to maintain their Wi-Fi certification.
WPA requires software changes to the following:
- Wireless access points
- Wireless network adapters
- Wireless client programs
Supporting a Mixture of WPA and WEP Wireless Clients is Discouraged
To support the gradual transition of WEP-based wireless networks to WPA, a wireless AP can
support both WEP and WPA clients at the same time. During the association, the wireless AP
determines which clients use WEP and which clients use WPA. The disadvantage to supporting a
mixture of WEP and WPA clients is that the global encryption key is not dynamic. This is because
WEP-based clients cannot support it. All other benefits to the WPA clients, such as integrity, are
maintained.
However, a mixed mode supporting WPA and non-WPA clients would offer network security that
is no better than that obtained with a non-WPA network, and thus this mode of operation is
discouraged.
Changes to Wireless Access Points
Wireless access points must have their firmware updated to support the following:
- The new WPA information element
  To advertise their support of WPA, wireless APs send the beacon frame with a new 802.11
  WPA information element that contains the wireless AP's security configuration (encryption
  algorithms and wireless security configuration information).
- The WPA two-phase authentication
  Open system, then 802.1x (EAP with RADIUS or preshared key).
- TKIP
- Michael
- AES (optional)
To upgrade your wireless access points to support WPA, obtain a WPA firmware update from your
wireless AP vendor and upload it to your wireless AP.
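The WPA information element described above can be decoded from a captured beacon to audit what an AP actually advertises, including the mixed WEP/WPA mode this appendix discourages. This is an added example, not code from the manual or from NETGEAR; the byte layout and suite numbers are taken from the WPA specification rather than from this page, and the sample elements are constructed.

```python
import struct

WPA_OUI = bytes.fromhex("0050f2")
CIPHERS = {0: "use-group", 1: "WEP-40", 2: "TKIP", 4: "AES-CCMP", 5: "WEP-104"}
AKMS = {1: "802.1X", 2: "PSK"}

# Constructed samples: a WPA-PSK/TKIP cell, and a mixed cell whose group cipher is WEP-104.
WPA_PSK_IE = bytes.fromhex("dd16" "0050f201" "0100" "0050f202" "0100" "0050f202" "0100" "0050f202")
MIXED_IE = bytes.fromhex("dd16" "0050f201" "0100" "0050f205" "0100" "0050f202" "0100" "0050f201")


def _suite(raw, table):
    """Name one 4-byte suite selector (3-byte OUI + 1-byte type)."""
    if raw[:3] != WPA_OUI:
        return f"vendor-{raw.hex()}"
    return table.get(raw[3], f"unknown-{raw[3]}")


def _suite_list(body, pos, table):
    """Read a little-endian count followed by that many suite selectors."""
    if pos + 2 > len(body):
        raise ValueError("suite count truncated")
    (count,) = struct.unpack_from("<H", body, pos)
    end = pos + 2 + 4 * count
    if end > len(body):
        raise ValueError("suite list overruns element")
    return [_suite(body[i:i + 4], table) for i in range(pos + 2, end, 4)], end


def parse_wpa_ie(ie):
    """Parse one tagged element (ID, length, body). Returns None if it is not a WPA IE."""
    if len(ie) < 2 or ie[0] != 0xDD:
        return None
    body = ie[2:2 + ie[1]]
    if len(body) != ie[1]:
        raise ValueError("element truncated")
    if len(body) < 4 or body[:3] != WPA_OUI or body[3] != 1:
        return None  # some other vendor-specific element
    if len(body) < 6:
        raise ValueError("WPA IE too short for version field")
    (version,) = struct.unpack_from("<H", body, 4)
    # Fields after the version are optional; absent ones default to TKIP and 802.1X.
    info = {"version": version, "group": "TKIP", "pairwise": ["TKIP"], "akm": ["802.1X"]}
    pos = 6
    if pos < len(body):
        if pos + 4 > len(body):
            raise ValueError("group cipher truncated")
        info["group"] = _suite(body[pos:pos + 4], CIPHERS)
        pos += 4
    if pos < len(body):
        info["pairwise"], pos = _suite_list(body, pos, CIPHERS)
    if pos < len(body):
        info["akm"], pos = _suite_list(body, pos, AKMS)
    info["mixed_wep"] = info["group"].startswith("WEP")  # static WEP key shared with all clients
    return info
```

A `mixed_wep` result of `True` means the cell still protects broadcast and multicast traffic with a WEP key, so it should be treated as a WEP network when assessing it.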
Changes to Wireless Network Adapters
Wireless networking software in the adapter, and possibly in the OS or client application, must be
updated to support the following:
- The new WPA information element
  Wireless clients must be able to process the WPA information element and respond with a
  specific security configuration.
- The WPA two-phase authentication
  Open system, then 802.1x supplicant (EAP or preshared key).
- TKIP
- Michael
- AES (optional)
To upgrade your wireless network adapters to support WPA, obtain a WPA update from your
wireless network adapter vendor and update the wireless network adapter driver.
For Windows wireless clients, you must obtain an updated network adapter driver that supports
WPA. For wireless network adapter drivers that are compatible with Windows XP (Service Pack 1)
and Windows Server 2003, the updated network adapter driver must be able to pass the adapter's
WPA capabilities and security configuration to the Wireless Zero Configuration service.
Microsoft has worked with many wireless vendors to embed the WPA firmware update in the
wireless adapter driver. So, to update your Microsoft Windows wireless client, all you have to do is
obtain the new WPA-compatible driver and install the driver. The firmware is automatically
updated when the wireless network adapter driver is loaded in Windows.
Changes to Wireless Client Programs
Wireless client programs must be updated to permit the configuration of WPA authentication (and
preshared key) and the new WPA encryption algorithms (TKIP and the optional AES component).
To obtain the Microsoft WPA client program, visit the Microsoft Web site.
Appendix C
Command Line Reference
The WAG302 ProSafe Dual Band Wireless Access Point (AP) can be configured through the
command line interface (CLI), a Web browser, or an MIB browser. The CLI allows viewing and
modification of the configuration from a terminal or PC through a telnet connection.
Command Sets
get set del keyword                 Description
--- --- --- ----------------------  -------------------------------
[X] [X]     time
[X]         |-now                   --current system time
[X] [X]     |-zone                  --time zone
[X] [X]     `-daylight saving       --daylight saving
[X] [X]     system
[X]         |-version               --system firmware version
[X] [X]     |-apname                --system name
[X]         |-macaddr               --system MAC address
[X] [X]     |-country               --country/region
[X] [X]     |-dhcpclient            --system dhcp client
[X] [X]     |-ipaddr                --system IP address
[X] [X]     |-netmask               --system network mask
[X] [X]     |-gateway               --system gateway
[X] [X]     |-dns
[X] [X]     | |-primary             --primary system DNS server
[X] [X]     | `-secondary           --secondary system DNS server
[X] [X]     |-stp                   --enable spanning tree protocol
[X]         `-ethstats              --ethernet statistics
[X] [X]     dhcp server
[X] [X]     |-dhcpserver            --enable DHCP server
[X] [X]     |-anyip                 --accept static IP (AnyIP function)
[X] [X]     |-ipstart               --starting IP address
[X] [X]     |-ipend                 --ending IP address
[X] [X]     |-netmask               --network mask
[X] [X]     |-gateway               --gateway
[X] [X]     |-dns
[X] [X]     | |-primary             --primary DNS server
[X] [X]     | `-secondary           --secondary DNS server
[X] [X]     |-wins
[X] [X]     | |-primary             --primary WINS server
[X] [X]     | `-secondary           --secondary WINS server
[X] [X]     `-lease                 --lease time
[X] [X]     radius
[X] [X]     |-auth
[X] [X]     | |-primary
[X] [X]     | | |-ipaddr            --primary authentication radius IP address
[X] [X]     | | |-port              --primary authentication radius port number
[X] [X]     | | `-secret            --primary authentication radius secret string
[X] [X]     | `-secondary
[X] [X]     |   |-ipaddr            --secondary authentication radius IP address
[X] [X]     |   |-port              --secondary authentication radius port num
[X] [X]     |   `-secret            --secondary authentication radius secret string
[X] [X]     `-account
[X] [X]       |-primary
[X] [X]       | |-ipaddr            --primary accounting radius IP address
[X] [X]       | |-port              --primary accounting radius port number
[X] [X]       | `-secret            --primary accounting radius secret string
[X] [X]       `-secondary
[X] [X]         |-ipaddr            --secondary accounting radius IP address
[X] [X]         |-port              --secondary accounting radius port num
[X] [X]         `-secret            --secondary accounting radius secret string
[X] [X]     ssh                     --enable remote SSH access
[X] [X]     snmp
[X] [X]     |-server                --enable SNMP agent
[X] [X]     |-trap server           --SNMP TrapServer
[X] [X]     |-read community        --SNMP ReadCommunity
[X] [X]     |-write community       --SNMP WriteCommunity
[X] [X]     `-description           --SNMP System Description
[X] [X]     log
[X] [X]     |-client                --enable syslog client
[X] [X]     |-ipaddr                --syslog server IP address
[X] [X]     `-port                  --syslog server port number
[X] [X] [X] wlan
[X] [X]     |-interface             --select wireless lan interface
            |                         (1: 802.11a; 2: 802.11g)
[X]         |-version               --wireless driver version
[X] [X]     |-radio                 --enable wireless radio
[X] [X]     |-wirelessmode          --wireless mode
[X] [X]     |-channel               --wireless channel (depends on country and
            |                         wireless mode)
[X] [X]     |-rate                  --wireless transmission date rate
[X] [X]     |-ssid                  --wireless network name (1-32 chars)
[X] [X]     |-ssidsuppress          --wireless SSID broadcast suppress
[X] [X]     |-power                 --wireless transmit power
