1. Home
    2. /
  2. Manuals
    3. /
  3. Zyxel
    4. /
  4. P-2612HNU-F1F PLDT
    5. /
  5. 74
Page 366 / 424 Scroll up to view Page 361 - 365
Appendix D Wireless LANs
P-2612HNU-Fx User’s Guide
366
wireless gateway, but out-of-range of each other, so they cannot "hear" each
other, that is they do not know if the channel is currently being used. Therefore,
they are considered hidden from each other.
Figure 196
RTS/CTS
When station
A
sends data to the AP, it might not know that the station
B
is
already using the channel. If these two stations send data at the same time,
collisions may occur when both sets of data arrive at the AP at the same time,
resulting in a loss of messages for both stations.
RTS/CTS
is designed to prevent collisions due to hidden nodes. An
RTS/CTS
defines the biggest size data frame you can send before an RTS (Request To
Send)/CTS (Clear to Send) handshake is invoked.
When a data frame exceeds the
RTS/CTS
value you set (between 0 to 2432
bytes), the station that wants to transmit this frame must first send an RTS
(Request To Send) message to the AP for permission to send it. The AP then
responds with a CTS (Clear to Send) message to all other stations within its range
to notify them to defer their transmission. It also reserves and confirms with the
requesting station the time frame for the requested transmission.
Stations can send frames smaller than the specified
RTS/CTS
directly to the AP
without the RTS (Request To Send)/CTS (Clear to Send) handshake.
You should only configure
RTS/CTS
if the possibility of hidden nodes exists on
your network and the "cost" of resending large frames is more than the extra
network overhead involved in the RTS (Request To Send)/CTS (Clear to Send)
handshake.
If the
RTS/CTS
value is greater than the
Fragmentation Threshold
value (see
next), then the RTS (Request To Send)/CTS (Clear to Send) handshake will never
occur as data frames will be fragmented before they reach
RTS/CTS
size.
Note: Enabling the RTS Threshold causes redundant network overhead that could
negatively affect the throughput performance instead of providing a remedy.
Page 367 / 424
Appendix D Wireless LANs
P-2612HNU-Fx User’s Guide
367
Fragmentation Threshold
A
Fragmentation Threshold
is the maximum data fragment size (between 256
and 2432 bytes) that can be sent in the wireless network before the AP will
fragment the packet into smaller data frames.
A large
Fragmentation Threshold
is recommended for networks not prone to
interference while you should set a smaller threshold for busy networks or
networks that are prone to interference.
If the
Fragmentation Threshold
value is smaller than the
RTS/CTS
value (see
previously) you set then the RTS (Request To Send)/CTS (Clear to Send)
handshake will never occur as data frames will be fragmented before they reach
RTS/CTS
size.
Preamble Type
Preamble is used to signal that data is coming to the receiver. Short and long refer
to the length of the synchronization field in a packet.
Short preamble increases performance as less time sending preamble means
more time for sending data. All IEEE 802.11 compliant wireless adapters support
long preamble, but not all support short preamble.
Use long preamble if you are unsure what preamble mode other wireless devices
on the network support, and to provide more reliable communications in busy
wireless networks.
Use short preamble if you are sure all wireless devices on the network support it,
and to provide more efficient communications.
Use the dynamic setting to automatically use short preamble when all wireless
devices on the network support it, otherwise the ZyXEL Device uses long
preamble.
Note: The wireless devices MUST
use the same preamble mode in order to
communicate.
IEEE 802.11g Wireless LAN
IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an
IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point
(and vice versa) at 11 Mbps or lower depending on range. IEEE 802.11g has
Page 368 / 424
Appendix D Wireless LANs
P-2612HNU-Fx User’s Guide
368
several intermediate rate steps between the maximum and minimum data rates.
The IEEE 802.11g data rate and modulation are as follows:
Wireless Security Overview
Wireless security is vital to your network to protect wireless communication
between wireless clients, access points and the wired network.
Wireless security methods available on the ZyXEL Device are data encryption,
wireless client authentication, restricting access by device MAC address and hiding
the ZyXEL Device identity.
The following figure shows the relative effectiveness of these wireless security
methods available on your ZyXEL Device.
Note: You must enable the same wireless security settings on the ZyXEL Device and
on all wireless clients that you want to associate with it.
Table 99
IEEE 802.11g
DATA RATE
(MBPS)
MODULATION
1
DBPSK (Differential Binary Phase Shift Keyed)
2
DQPSK (Differential Quadrature Phase Shift Keying)
5.5 / 11
CCK (Complementary Code Keying)
6/9/12/18/24/36/
48/54
OFDM (Orthogonal Frequency Division Multiplexing)
Table 100
Wireless Security Levels
SECURITY
LEVEL
SECURITY TYPE
Least
Secure
Most Secure
Unique SSID (Default)
Unique SSID with Hide SSID Enabled
MAC Address Filtering
WEP Encryption
IEEE802.1x EAP with RADIUS Server
Authentication
Wi-Fi Protected Access (WPA)
WPA2
Page 369 / 424
Appendix D Wireless LANs
P-2612HNU-Fx User’s Guide
369
IEEE 802.1x
In June 2001, the IEEE 802.1x standard was designed to extend the features of
IEEE 802.11 to support extended authentication as well as providing additional
accounting and control features. It is supported by Windows XP and a number of
network devices. Some advantages of IEEE 802.1x are:
User based identification that allows for roaming.
Support for RADIUS (Remote Authentication Dial In User Service, RFC 2138,
2139) for centralized user profile and accounting management on a network
RADIUS server.
Support for EAP (Extensible Authentication Protocol, RFC 2486) that allows
additional authentication methods to be deployed with no changes to the access
point or the wireless clients.
RADIUS
RADIUS is based on a client-server model that supports authentication,
authorization and accounting. The access point is the client and the server is the
RADIUS server. The RADIUS server handles the following tasks:
• Authentication
Determines the identity of the users.
• Authorization
Determines the network services available to authenticated users once they are
connected to the network.
• Accounting
Keeps track of the client’s network activity.
RADIUS is a simple package exchange in which your AP acts as a message relay
between the wireless client and the network RADIUS server.
Types of RADIUS Messages
The following types of RADIUS messages are exchanged between the access point
and the RADIUS server for user authentication:
• Access-Request
Sent by an access point requesting authentication.
• Access-Reject
Sent by a RADIUS server rejecting access.
• Access-Accept
Sent by a RADIUS server allowing access.
Page 370 / 424
Appendix D Wireless LANs
P-2612HNU-Fx User’s Guide
370
• Access-Challenge
Sent by a RADIUS server requesting more information in order to allow access.
The access point sends a proper response from the user and then sends another
Access-Request message.
The following types of RADIUS messages are exchanged between the access point
and the RADIUS server for user accounting:
• Accounting-Request
Sent by the access point requesting accounting.
• Accounting-Response
Sent by the RADIUS server to indicate that it has started or stopped accounting.
In order to ensure network security, the access point and the RADIUS server use a
shared secret key, which is a password, they both know. The key is not sent over
the network. In addition to the shared key, password information exchanged is
also encrypted to protect the network from unauthorized access.
Types of EAP Authentication
This section discusses some popular authentication types: EAP-MD5, EAP-TLS,
EAP-TTLS, PEAP and LEAP. Your wireless LAN device may not support all
authentication types.
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on
top of the IEEE 802.1x transport mechanism in order to support multiple types of
user authentication. By using EAP to interact with an EAP-compatible RADIUS
server, an access point helps a wireless station and a RADIUS server perform
authentication.
The type of authentication you use depends on the RADIUS server and an
intermediary AP(s) that supports IEEE 802.1x. .
For EAP-TLS authentication type, you must first have a wired connection to the
network and obtain the certificate(s) from a certificate authority (CA). A certificate
(also called digital IDs) can be used to authenticate users and a CA issues
certificates and guarantees the identity of each certificate owner.
EAP-MD5 (Message-Digest Algorithm 5)
MD5 authentication is the simplest one-way authentication method. The
authentication server sends a challenge to the wireless client. The wireless client
‘proves’ that it knows the password by encrypting the password with the challenge
and sends back the information. Password is not sent in plain text.

Rate

3.5 / 5 based on 2 votes.

Popular Zyxel Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top