ZyXEL Communications NWD6605 User Manual
Chapter 3 Wireless LANs
NWD Series User’s Guide
24
single, alphanumeric password to derive a PMK which is used to generate unique temporal
encryption keys. This prevent all wireless devices sharing the same encryption keys. (a weakness of
WEP)
encryption keys. This prevent all wireless devices sharing the same encryption keys. (a weakness of
WEP)
If both an AP and the wireless clients support WPA2-PSK, use WPA2-PSK for stronger data
encryption. If the AP or the wireless clients do not support WPA2-PSK, just use WPA-PSK. Select
WEP only when the AP and/or wireless clients do not support WPA-PSK or WPA2-PSK. WEP is less
secure than WPA-PSK or WPA2-PSK.
encryption. If the AP or the wireless clients do not support WPA2-PSK, just use WPA-PSK. Select
WEP only when the AP and/or wireless clients do not support WPA-PSK or WPA2-PSK. WEP is less
secure than WPA-PSK or WPA2-PSK.
3.4 Wi-Fi Protected Setup
3.4.1 How WPS Works
When two WPS-enabled devices connect, each device must assume a specific role. One device acts
as the registrar (the device that supplies network and security settings) and the other device acts
as the enrollee (the device that receives network and security settings. The registrar creates a
secure EAP (Extensible Authentication Protocol) tunnel and sends the network name (SSID) and the
WPA-PSK or WPA2-PSK pre-shared key to the enrollee. Whether WPA-PSK or WPA2-PSK is used
depends on the standards supported by the devices. If the registrar is already part of a network, it
sends the existing information. If not, it generates the SSID and WPA(2)-PSK randomly.
as the registrar (the device that supplies network and security settings) and the other device acts
as the enrollee (the device that receives network and security settings. The registrar creates a
secure EAP (Extensible Authentication Protocol) tunnel and sends the network name (SSID) and the
WPA-PSK or WPA2-PSK pre-shared key to the enrollee. Whether WPA-PSK or WPA2-PSK is used
depends on the standards supported by the devices. If the registrar is already part of a network, it
sends the existing information. If not, it generates the SSID and WPA(2)-PSK randomly.
The following figure shows a WPS-enabled client (installed in a notebook computer) connecting to a
WPS-enabled access point.
WPS-enabled access point.
Figure 9
How WPS works
SECURE TUNNEL
SECURITY INFO
WITHIN 2 MINUTES
COMMUNICATION
ACTIVATE
WPS
ACTIVATE
WPS
WPS HANDSHAKE
REGISTRAR
ENROLLEE