Manualsbrain.com
  1. Manuals
  2. Brands
  3. ZyXEL Communications
  4. max208m
  5. User Manual

ZyXEL Communications max208m User Manual

Download
Page of 290
Chapter 6 WiMAX
WiMAX Device Configuration User’s Guide
76
This screen contains the following fields:
Table 14   
Authentication Settings
LABEL
DESCRIPTION
Authentication 
Mode
Select the authentication mode from the list.
The WiMAX Device supports the following authentication modes:
No authentication
User authentication
Device authentication
User and device authentication
Data Encryption
AES-CCM
Select this to enable AES-CCM encryption. CCM combines counter-mode 
encryption with CBC-MAC authentication.
AES-CBC
Select this to enable AES-CBC encryption. CBC creates message authentication 
code from a block cipher.
Key Encryption
AES-key wrap
Select this encapsulate cryptographic keys in a symmetric encryption algorithm.
AES-ECB
Select this to divide cryptographic keys into blocks and encrypt them separately.
EAP Supplicant
EAP Mode
Select an Extensible Authentication Protocol (EAP) mode.
The WiMAX Device supports the following:
EAP-TLS - In this protocol, digital certifications are needed by both the 
server and the wireless clients for mutual authentication. The server presents 
a certificate to the client. After validating the identity of the server, the client 
sends a different certificate to the server. The exchange of certificates is done 
in the open before a secured tunnel is created. This makes user identity 
vulnerable to passive attacks. A digital certificate is an electronic ID card that 
authenticates the sender’s identity. However, to implement EAP-TLS, you 
need a Certificate Authority (CA) to handle certificates, which imposes a 
management overhead.
EAP-TTLS - This protocol is an extension of the EAP-TLS authentication that 
uses certificates for only the server-side authentications to establish a secure 
connection. Client authentication is then done by sending username and 
password through the secure connection, thus client identity is protected. For 
client authentication, EAP-TTLS supports EAP methods and legacy 
authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2. 
Anonymous 
ID
Enter the anonymous ID used for EAP supplicant authentication.
Server Root 
CA Cert File
Browse for and choose a server root certificate file, if required.
Server Root 
CA Info
This field displays information about the assigned server root certificate.
Device Cert 
File
Browse for and choose a device certificate file, if required.
Before you import certificate from WebGUI, the certificate file must be signed by 
chipset vendor due to security reason.
Device Cert 
Info
This field displays information about the assigned device certificate.
Device Private 
Key
Browse for and choose a device private key, if required.
Device Private 
Key Info
This field displays information about the assigned device private key.
Device Private 
Key Password
Enter the device private key, if required.