Zyxel VMG4325-B10A Router Manual PDF (Setup & Configuration Guide)

Page 341 / 367 Scroll up to view Page 336 - 340

Appendix D Wireless LANs

VMG4380-B10A / VMG4325-B10A User’s Guide

341

4

The RADIUS server distributes the PMK to the AP. The AP then sets up a key hierarchy and

management system, using the PMK to dynamically generate unique data encryption keys. The

keys are used to encrypt every data packet that is wirelessly communicated between the AP and

the wireless clients.

Figure 201

WPA(2) with RADIUS Application Example

WPA(2)-PSK Application Example

A WPA(2)-PSK application looks as follows.

1

First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must

consist of between 8 and 63 ASCII characters or 64 hexadecimal characters (including spaces and

symbols).

2

The AP checks each wireless client's password and allows it to join the network only if the password

matches.

3

The AP and wireless clients generate a common PMK (Pairwise Master Key). The key itself is not

sent over the network, but is derived from the PSK and the SSID.

4

The AP and wireless clients use the TKIP or AES encryption process, the PMK and information

exchanged in a handshake to create temporal encryption keys. They use these keys to encrypt data

exchanged between them.

Figure 202

WPA(2)-PSK Authentication

Page 342 / 367

Appendix D Wireless LANs

VMG4380-B10A / VMG4325-B10A User’s Guide

342

Security Parameters Summary

Refer to this table to see what other security parameters you should configure for each

authentication method or key management protocol type. MAC address filters are not dependent on

how you configure these security features.

Antenna Overview

An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to

the antenna, which propagates the signal through the air. The antenna also operates in reverse by

capturing RF signals from the air.

Positioning the antennas properly increases the range and coverage area of a wireless LAN.

Antenna Characteristics

Frequency

An antenna in the frequency of 2.4GHz (IEEE 802.11b and IEEE 802.11g) or 5GHz (IEEE 802.11a)

is needed to communicate efficiently in a wireless LAN

Radiation Pattern

A radiation pattern is a diagram that allows you to visualize the shape of the antenna’s coverage

area.

Antenna Gain

Antenna gain, measured in dB (decibel), is the increase in coverage within the RF beam width.

Higher antenna gain improves the range of the signal for better communications.

For an indoor site, each 1 dB increase in antenna gain results in a range increase of approximately

Table 128

Wireless Security Relational Matrix

AUTHENTICATION

METHOD/ KEY

MANAGEMENT PROTOCOL

ENCRYPTIO

N METHOD

ENTER

MANUAL KEY

IEEE 802.1X

Open

None

No

Disable

Enable without Dynamic WEP Key

Open

WEP

No

Enable with Dynamic WEP Key

Yes

Enable without Dynamic WEP Key

Yes

Disable

Shared

WEP

No

Enable with Dynamic WEP Key

Yes

Enable without Dynamic WEP Key

Yes

Disable

WPA

TKIP/AES

No

Enable

WPA-PSK

TKIP/AES

Yes

Disable

WPA2

TKIP/AES

No

Enable

WPA2-PSK

TKIP/AES

Yes

Disable

Page 343 / 367

Appendix D Wireless LANs

VMG4380-B10A / VMG4325-B10A User’s Guide

343

2.5%. For an unobstructed outdoor site, each 1dB increase in gain results in a range increase of

approximately 5%. Actual results may vary depending on the network environment.

Antenna gain is sometimes specified in dBi, which is how much the antenna increases the signal

power compared to using an isotropic antenna. An isotropic antenna is a theoretical perfect antenna

that sends out radio signals equally well in all directions. dBi represents the true gain that the

antenna provides.

Types of Antennas for WLAN

There are two types of antennas used for wireless LAN applications.

•

Omni-directional antennas send the RF signal out in all directions on a horizontal plane. The

coverage area is torus-shaped (like a donut) which makes these antennas ideal for a room

environment. With a wide coverage area, it is possible to make circular overlapping coverage

areas with multiple access points.

•

Directional antennas concentrate the RF signal in a beam, like a flashlight does with the light

from its bulb. The angle of the beam determines the width of the coverage pattern. Angles

typically range from 20 degrees (very directional) to 120 degrees (less directional). Directional

antennas are ideal for hallways and outdoor point-to-point applications.

Positioning Antennas

In general, antennas should be mounted as high as practically possible and free of obstructions. In

point-to–point application, position both antennas at the same height and in a direct line of sight to

each other to attain the best performance.

For omni-directional antennas mounted on a table, desk, and so on, point the antenna up. For

omni-directional antennas mounted on a wall or ceiling, point the antenna down. For a single AP

application, place omni-directional antennas as close to the center of the coverage area as possible.

For directional antennas, point the antenna in the direction of the desired coverage area.

Page 344 / 367

Appendix D Wireless LANs

VMG4380-B10A / VMG4325-B10A User’s Guide

344

Page 345 / 367

VMG4380-B10A / VMG4325-B10A User’s Guide

345

A

PPENDIX

E

IPv6

Overview

IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The

increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 10

38

IP

addresses.

IPv6 Addressing

The 128-bit IPv6 address is written as eight 16-bit hexadecimal blocks separated by colons (:). This

is an example IPv6 address

2001:0db8:1a2b:0015:0000:0000:1a2f:0000

.

IPv6 addresses can be abbreviated in two ways:

•

Leading zeros in a block can be omitted. So

2001:0db8:1a2b:0015:0000:0000:1a2f:0000

can

be written as

2001:db8:1a2b:15:0:0:1a2f:0

.

•

Any number of consecutive blocks of zeros can be replaced by a double colon. A double colon can

only appear once in an IPv6 address. So

2001:0db8:0000:0000:1a2f:0000:0000:0015

can be

written as

2001:0db8::1a2f:0000:0000:0015

,

2001:0db8:0000:0000:1a2f::0015

,

2001:db8::1a2f:0:0:15

or

2001:db8:0:0:1a2f::15

.

Prefix and Prefix Length

Similar to an IPv4 subnet mask, IPv6 uses an address prefix to represent the network address. An

IPv6 prefix length specifies how many most significant bits (start from the left) in the address

compose the network address. The prefix length is written as “/x” where x is a number. For

example,

2001:db8:1a2b:15::1a2f:0/32

means that the first 32 bits (

2001:db8

) is the subnet prefix.

Link-local Address

A link-local address uniquely identifies a device on the local network (the LAN). It is similar to a

“private IP address” in IPv4. You can have the same link-local address on multiple interfaces on a

device. A link-local unicast address has a predefined prefix of fe80::/10. The link-local unicast

address format is as follows.

Table 129

Link-local Unicast Address Format

1111 1110 10

0

Interface ID

10 bits

54 bits

64 bits

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share