1. Home
    2. /
  2. Manuals
    3. /
  3. Zyxel
    4. /
  4. VMG1312-B10D
    5. /
  5. 23
Page 111 / 331 Scroll up to view Page 106 - 110
Chapter 7 Wireless
VMG1312-B Series User’s Guide
111
Figure 43
Network Setting > Wireless > Channel Status
7.10
Technical Reference
This section discusses wireless LANs in depth. For more information, see
Appendix B on page 293
.
7.10.1
Wireless Network Overview
Wireless networks consist of wireless clients, access points and bridges.
A wireless client is a radio connected to a user’s computer.
An access point is a radio with a wired connection to a network, which can connect with
numerous wireless clients and let them access the network.
A bridge is a radio that relays communications between access points and wireless clients,
extending a network’s range.
Traditionally, a wireless network operates in one of two ways.
An “infrastructure” type of network has one or more access points and one or more wireless
clients. The wireless clients connect to the access points.
An “ad-hoc” type of network is one in which there is no access point. Wireless clients connect to
one another in order to exchange information.
Page 112 / 331
Chapter 7 Wireless
VMG1312-B Series User’s Guide
112
The following figure provides an example of a wireless network.
Figure 44
Example of a Wireless Network
The wireless network is the part in the blue circle. In this wireless network, devices
A
and
B
use the
access point (
AP
) to interact with the other devices (such as the printer) or with the Internet. Your
Device is the AP.
Every wireless network must follow these basic guidelines.
Every device in the same wireless network must use the same SSID.
The SSID is the name of the wireless network. It stands for Service Set IDentifier.
If two wireless networks overlap, they should use a different channel.
Like radio stations or television channels, each wireless network uses a specific channel, or
frequency, to send and receive information.
Every device in the same wireless network must use security compatible with the AP.
Security stops unauthorized devices from using the wireless network. It can also protect the
information that is sent in the wireless network.
Radio Channels
In the radio spectrum, there are certain frequency bands allocated for unlicensed, civilian use. For
the purposes of wireless networking, these bands are divided into numerous channels. This allows a
variety of networks to exist in the same place without interfering with one another. When you
create a network, you must select a channel to use.
Since the available unlicensed spectrum varies from one country to another, the number of
available channels also varies.
Page 113 / 331
Chapter 7 Wireless
VMG1312-B Series User’s Guide
113
7.10.2
Additional Wireless Terms
The following table describes some wireless network terms and acronyms used in the Device’s Web
Configurator.
7.10.3
Wireless Security Overview
By their nature, radio communications are simple to intercept. For wireless data networks, this
means that anyone within range of a wireless network without security can not only read the data
passing over the airwaves, but also join the network. Once an unauthorized person has access to
the network, he or she can steal information or introduce malware (malicious software) intended to
compromise the network. For these reasons, a variety of security systems have been developed to
ensure that only authorized people can use a wireless data network, or understand the data carried
on it.
These security standards do two things. First, they authenticate. This means that only people
presenting the right credentials (often a username and password, or a “key” phrase) can access the
network. Second, they encrypt. This means that the information sent over the air is encoded. Only
people with the code key can understand the information, and only people who have been
authenticated are given the code key.
These security standards vary in effectiveness. Some can be broken, such as the old Wired
Equivalent Protocol (WEP). Using WEP is better than using no security at all, but it will not keep a
determined attacker out. Other security standards are secure in themselves but can be broken if a
user does not use them properly. For example, the WPA-PSK security standard is very secure if you
use a long key which is difficult for an attacker’s software to guess - for example, a twenty-letter
long string of apparently random numbers and letters - but it is not very secure if you use a short
key which is very easy to guess - for example, a three-letter word from the dictionary.
Because of the damage that can be done by a malicious attacker, it’s not just people who have
sensitive information on their network who should use security. Everybody who uses any wireless
network should ensure that effective security is in place.
A good way to come up with effective security keys, passwords and so on is to use obscure
information that you personally will easily remember, and to enter it in a way that appears random
Table 28
Additional Wireless Terms
TERM
DESCRIPTION
RTS/CTS Threshold
In a wireless network which covers a large area, wireless devices are sometimes not
aware of each other’s presence. This may cause them to send information to the AP
at the same time and result in information colliding and not getting through.
By setting this value lower than the default value, the wireless devices must
sometimes get permission to send information to the Device. The lower the value, the
more often the devices must get permission.
If this value is greater than the fragmentation threshold value (see below), then
wireless devices never have to get permission to send information to the Device.
Preamble
A preamble affects the timing in your wireless network. There are two preamble
modes: long and short. If a device uses a different preamble mode than the Device
does, it cannot communicate with the Device.
Authentication
The process of verifying whether a wireless device is allowed to use the wireless
network.
Fragmentation
Threshold
A small fragmentation threshold is recommended for busy networks, while a larger
threshold provides faster performance if the network is not very busy.
Page 114 / 331
Chapter 7 Wireless
VMG1312-B Series User’s Guide
114
and does not include real words. For example, if your mother owns a 1970 Dodge Challenger and
her favorite movie is Vanishing Point (which you know was made in 1971) you could use
“70dodchal71vanpoi” as your security key.
The following sections introduce different types of wireless security you can set up in the wireless
network.
7.10.3.1
SSID
Normally, the Device acts like a beacon and regularly broadcasts the SSID in the area. You can hide
the SSID instead, in which case the Device does not broadcast the SSID. In addition, you should
change the default SSID to something that is difficult to guess.
This type of security is fairly weak, however, because there are ways for unauthorized wireless
devices to get the SSID. In addition, unauthorized wireless devices can still see the information that
is sent in the wireless network.
7.10.3.2
MAC Address Filter
Every device that can use a wireless network has a unique identification number, called a MAC
address.
1
A MAC address is usually written using twelve hexadecimal characters
2
; for example,
00A0C5000002 or 00:A0:C5:00:00:02. To get the MAC address for each device in the wireless
network, see the device’s User’s Guide or other documentation.
You can use the MAC address filter to tell the Device which devices are allowed or not allowed to
use the wireless network. If a device is allowed to use the wireless network, it still has to have the
correct information (SSID, channel, and security). If a device is not allowed to use the wireless
network, it does not matter if it has the correct information.
This type of security does not protect the information that is sent in the wireless network.
Furthermore, there are ways for unauthorized wireless devices to get the MAC address of an
authorized device. Then, they can use that MAC address to use the wireless network.
7.10.3.3
User Authentication
Authentication is the process of verifying whether a wireless device is allowed to use the wireless
network. You can make every user log in to the wireless network before using it. However, every
device in the wireless network has to support IEEE 802.1x to do this.
For wireless networks, you can store the user names and passwords for each user in a RADIUS
server. This is a server used in businesses more than in homes. If you do not have a RADIUS server,
you cannot set up user names and passwords for your users.
Unauthorized wireless devices can still see the information that is sent in the wireless network,
even if they cannot use the wireless network. Furthermore, there are ways for unauthorized
wireless users to get a valid user name and password. Then, they can use that user name and
password to use the wireless network.
1.
Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds
of wireless devices might not have MAC addresses.
2.
Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.
Page 115 / 331
Chapter 7 Wireless
VMG1312-B Series User’s Guide
115
7.10.3.4
Encryption
Wireless networks can use encryption to protect the information that is sent in the wireless
network. Encryption is like a secret code. If you do not know the secret code, you cannot
understand the message.
The types of encryption you can choose depend on the type of authentication. (See
Section
7.10.3.3 on page 114
for information about this.)
For example, if the wireless network has a RADIUS server, you can choose
WPA
or
WPA2
. If users
do not log in to the wireless network, you can choose no encryption,
Static WEP
,
WPA-PSK
, or
WPA2-PSK
.
Usually, you should set up the strongest encryption that every device in the wireless network
supports. For example, suppose you have a wireless network with the Device and you do not have
a RADIUS server. Therefore, there is no authentication. Suppose the wireless network has two
devices. Device A only supports WEP, and device B supports WEP and WPA. Therefore, you should
set up
Static WEP
in the wireless network.
Note: It is recommended that wireless networks use
WPA-PSK
,
WPA
, or stronger
encryption. The other types of encryption are better than none at all, but it is still
possible for unauthorized wireless devices to figure out the original information
pretty quickly.
When you select
WPA2
or
WPA2-PSK
in your Device, you can also select an option (
WPA
compatible
) to support WPA as well. In this case, if some of the devices support WPA and some
support WPA2, you should set up
WPA2-PSK
or
WPA2
(depending on the type of wireless network
login) and select the
WPA compatible
option in the Device.
Many types of encryption use a key to protect the information in the wireless network. The longer
the key, the stronger the encryption. Every device in the wireless network must have the same key.
7.10.4
Signal Problems
Because wireless networks are radio networks, their signals are subject to limitations of distance,
interference and absorption.
Problems with distance occur when the two radios are too far apart. Problems with interference
occur when other radio waves interrupt the data signal. Interference may come from other radio
transmissions, such as military or air traffic control communications, or from machines that are
coincidental emitters such as electric motors or microwaves. Problems with absorption occur when
physical objects (such as thick walls) are between the two radios, muffling the signal.
Table 29
Types of Encryption for Each Type of Authentication
NO AUTHENTICATION
RADIUS SERVER
Weakest
No Security
WPA
Static WEP
WPA-PSK
Strongest
WPA2-PSK
WPA2

Rate

4.5 / 5 based on 2 votes.

Popular Zyxel Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top