Page 76 / 296 Scroll up to view Page 71 - 75
Chapter 5 Wireless LAN
NBG334W User’s Guide
76
5.2.3
User Authentication
You can make every user log in to the wireless network before they can use it. This is called
user authentication. However, every wireless client in the wireless network has to support
IEEE 802.1x to do this.
For wireless networks, there are two typical places to store the user names and passwords for
each user.
In the AP: this feature is called a local user database or a local database.
In a RADIUS server: this is a server used in businesses more than in homes.
If your AP does not provide a local user database and if you do not have a RADIUS server,
you cannot set up user names and passwords for your users.
Unauthorized devices can still see the information that is sent in the wireless network, even if
they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless
users to get a valid user name and password. Then, they can use that user name and password
to use the wireless network.
Local user databases also have an additional limitation that is explained in the next section.
5.2.4
Encryption
Wireless networks can use encryption to protect the information that is sent in the wireless
network. Encryption is like a secret code. If you do not know the secret code, you cannot
understand the message.
The types of encryption you can choose depend on the type of user authentication. (See
Section 5.2.3 on page 76
for information about this.)
For example, if the wireless network has a RADIUS server, you can choose
WPA
or
WPA2
. If
users do not log in to the wireless network, you can choose no encryption,
Static WEP
,
WPA-
PSK
, or
WPA2-PSK
.
Usually, you should set up the strongest encryption that every wireless client in the wireless
network supports. For example, suppose the AP does not have a local user database, and you
do not have a RADIUS server. Therefore, there is no user authentication. Suppose the wireless
network has two wireless clients. Device A only supports WEP, and device B supports WEP
and WPA. Therefore, you should set up
Static WEP
in the wireless network.
Table 25
Types of Encryption for Each Type of Authentication
NO AUTHENTICATION
RADIUS SERVER
Weakest
No Security
WPA
Static WEP
WPA-PSK
Strongest
WPA2-PSK
WPA2
Page 77 / 296
Chapter 5 Wireless LAN
NBG334W User’s Guide
77
"
It is recommended that wireless networks use
WPA-PSK
,
WPA
, or stronger
encryption. IEEE 802.1x and WEP encryption are better than none at all, but it
is still possible for unauthorized devices to figure out the original information
pretty quickly.
It is not possible to use
WPA-PSK
,
WPA
or stronger encryption with a local
user database. In this case, it is better to set up stronger encryption with no
authentication than to set up weaker encryption with the local user database.
When you select
WPA2
or
WPA2-PSK
in your NBG334W, you can also select an option
(
WPA Compatible
) to support WPA as well. In this case, if some wireless clients support
WPA and some support WPA2, you should set up
WPA2-PSK
or
WPA2
(depending on the
type of wireless network login) and select the
WPA Compatible
option in the NBG334W.
Many types of encryption use a key to protect the information in the wireless network. The
longer the key, the stronger the encryption. Every wireless client in the wireless network must
have the same key.
5.3
Roaming
A wireless station is a device with an IEEE 802.11a/b/g compliant wireless interface. An
access point (AP) acts as a bridge between the wireless and wired networks. An AP creates its
own wireless coverage area. A wireless station can associate with a particular access point
only if it is within the access point’s coverage area.
In a network environment with multiple access points, wireless stations are able to switch from
one access point to another as they move between the coverage areas. This is known as
roaming. As the wireless station moves from place to place, it is responsible for choosing the
most appropriate access point depending on the signal strength, network utilization or other
factors.
The roaming feature on the access points allows the access points to relay information about
the wireless stations to each other. When a wireless station moves from a coverage area to
another, it scans and uses the channel of a new access point, which then informs the other
access points on the LAN about the change. An example is shown in
Figure 34 on page 78
.
With roaming, a wireless LAN mobile user enjoys a continuous connection to the wired
network through an access point while moving around the wireless LAN.
Enable roaming to exchange the latest bridge information of all wireless stations between APs
when a wireless station moves between coverage areas. Wireless stations can still associate
with other APs even if you disable roaming. Enabling roaming ensures correct traffic
forwarding (bridge tables are updated) and maximum AP efficiency. The AP deletes records of
wireless stations that associate with other APs (Non-ZyXEL APs may not be able to perform
this). 802.1x authentication information is not exchanged (at the time of writing).
Page 78 / 296
Chapter 5 Wireless LAN
NBG334W User’s Guide
78
Figure 34
Roaming Example
The steps below describe the roaming process.
1
Wireless station
Y
moves from the coverage area of access point
AP 1
to that of access
point
AP 2
.
2
Wireless station
Y
scans and detects the signal of access point
AP 2
.
3
Wireless station
Y
sends an association request to access point
AP 2
.
4
Access point
AP 2
acknowledges the presence of wireless station
Y
and relays this
information to access point
AP 1
through the wired LAN.
5
Access point
AP 1
updates the new position of wireless station
Y
.
5.3.1
Requirements for Roaming
The following requirements must be met in order for wireless stations to roam between the
coverage areas.
1
All the access points must be on the same subnet and configured with the same ESSID.
2
If IEEE 802.1x user authentication is enabled and to be done locally on the access point,
the new access point must have the user profile for the wireless station.
3
The adjacent access points should use different radio channels when their coverage areas
overlap.
4
All access points must use the same port number to relay roaming information.
5
The access points must be connected to the Ethernet and be able to get IP addresses from
a DHCP server if using dynamic IP address assignment.
5.4
Quality of Service
This section discusses the Quality of Service (QoS) features available on the NBG334W.
Page 79 / 296
Chapter 5 Wireless LAN
NBG334W User’s Guide
79
5.4.1
WMM QoS
WMM (Wi-Fi MultiMedia) QoS (Quality of Service) ensures quality of service in wireless
networks. It controls WLAN transmission priority on packets to be transmitted over the
wireless network.
WMM QoS prioritizes wireless traffic according to delivery requirements. WMM QoS is a
part of the IEEE 802.11e QoS enhancement to certified Wi-Fi wireless networks.
On APs without WMM QoS, all traffic streams are given the same access priority to the
wireless network. If the introduction of another traffic stream creates a data transmission
demand that exceeds the current network capacity, then the new traffic stream reduces the
throughput of the other traffic streams.
The NBG334W uses WMM QoS to prioritize traffic streams according to the IEEE 802.1q tag
or DSCP information in each packet’s header. The NBG334W automatically determines the
priority to use for an individual traffic stream. This prevents reductions in data transmission
for applications that are sensitive to latency (delay) and jitter (variations in delay).
5.4.1.1
WMM QoS Priorities
The following table describes the WMM QoS priority levels that the NBG334W uses.
5.5
General Wireless LAN Screen
"
If you are configuring the NBG334W from a computer connected to the
wireless LAN and you change the NBG334W’s SSID, channel or security
settings, you will lose your wireless connection when you press
Apply
to
confirm. You must then change the wireless settings of your computer to
match the NBG334W’s new settings.
Click
Network
>
Wireless LAN
to open the
General
screen.
Table 26
WMM QoS Priorities
PRIORITY LEVEL
DESCRIPTION
voice
(WMM_VOICE)
Typically used for traffic that is especially sensitive to jitter. Use this priority
to reduce latency for improved voice quality.
video
(WMM_VIDEO)
Typically used for traffic which has some tolerance for jitter but needs to be
prioritized over other data traffic.
best effort
(WMM_BEST_EFFORT)
Typically used for traffic from applications or devices that lack QoS
capabilities. Use best effort priority for traffic that is less sensitive to latency,
but is affected by long delays, such as Internet surfing.
background
(WMM_BACKGROUND)
This is typically used for non-critical traffic such as bulk transfers and print
jobs that are allowed but that should not affect other applications and users.
Use background priority for applications that do not have strict latency and
throughput requirements.
Page 80 / 296
Chapter 5 Wireless LAN
NBG334W User’s Guide
80
Figure 35
Network > Wireless LAN > General
The following table describes the general wireless LAN labels in this screen.
See the rest of this chapter for information on the other labels in this screen.
Table 27
Network > Wireless LAN > General
LABEL
DESCRIPTION
Enable
Wireless LAN
Click the check box to activate wireless LAN.
Name(SSID)
(Service Set IDentity) The SSID identifies the Service Set with which a wireless
station is associated. Wireless stations associating to the access point (AP) must
have the same SSID. Enter a descriptive name (up to 32 printable 7-bit ASCII
characters) for the wireless LAN.
Hide SSID
Select this check box to hide the SSID in the outgoing beacon frame so a station
cannot obtain the SSID through scanning using a site survey tool.
Channel
Selection
Set the operating frequency/channel depending on your particular region.
Select a channel from the drop-down list box. The options vary depending on
whether you are using A or B/G frequency band and the country you are in.
Refer to the Connection Wizard chapter for more information on channels.
Operating
Channel
This displays the channel the NBG334W is currently using.
Security Mode
Select
Static-WEP
,
WPA-PSK
,
WPA
,
WPA2-PSK
, or
WPA2
to add security on this
wireless network. The wireless clients which want to associate to this network must
have same wireless security settings as this device. After you select to use a
security, addional options appears in this screen. See
5.5.2
,
5.5.3
,
5.5.4
sections. Or
you can select
No Security
to allow any client to associate this network without
authentication.
Note: If you enable the WPS function, only
No Security
,
WPA-PSK
and
WPA2-PSK
are available in this option.
Apply
Click
Apply
to save your changes back to the NBG334W.
Reset
Click
Reset
to reload the previous configuration for this screen.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top