ZyXEL Wireless Access Point G1000 91-005-124003B User Manual
Product codes
91-005-124003B
G-1000 User’s Guide
Chapter 6 Wireless LAN
59
6.6 Introduction to WPA
Wi-Fi Protected Access (WPA and WPA2) applies IEEE 801.2x and Extensible
Authentication Protocol (EAP) to authenticate wireless clients using and external RADIUS
database. WPA has better user authentication and improved data encryption than WEP, and
WPA2 provides even better data encryption and user authentication than WPA. See the
appendix for more information on WPA(2) user authentication and WPA encryption.
Authentication Protocol (EAP) to authenticate wireless clients using and external RADIUS
database. WPA has better user authentication and improved data encryption than WEP, and
WPA2 provides even better data encryption and user authentication than WPA. See the
appendix for more information on WPA(2) user authentication and WPA encryption.
If the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for
stronger data encryption. If you don’t have an external RADIUS server, you should use
WPA2-PSK (WPA2-Pre-Shared Key). WPA2-PSK only requires a single (identical) password
entered into each WLAN member. As long as the passwords match, a client will be granted
access to a WLAN.
stronger data encryption. If you don’t have an external RADIUS server, you should use
WPA2-PSK (WPA2-Pre-Shared Key). WPA2-PSK only requires a single (identical) password
entered into each WLAN member. As long as the passwords match, a client will be granted
access to a WLAN.
If the wireless clients do not support WPA2, use WPA or WPA-PSK, depending on whether or
not you have an additional RADIUS server. Use WEP only if the wireless clients do not
support WPA(2).
not you have an additional RADIUS server. Use WEP only if the wireless clients do not
support WPA(2).
Note: You can’t use the Local User Database for authentication when you select
WPA(2).
6.6.1 WPA(2)-PSK Application Example
A WPA-PSK (or WPA2-PSK) application looks as follows.
1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key
(PSK) must be between 8 and 63 printable characters (including spaces; alphabetic
characters are case-sensitive).
characters are case-sensitive).
2 The AP checks each client’s password and (only) allows it to join the network if the
password matches.
3 The AP derives and distributes keys to the wireless clients.
4 The AP and wireless clients use the TKIP or AES encryption process to encrypt data
exchanged between them.