ZyXEL Communications Wireless Gateway Series Manual De Usuario
ZyAIR Wireless Gateway Series User’s Guide
7-8
Wireless Security
Table 7-2 MAC Address Filter
LABEL
DESCRIPTION
Active
Select Yes from the drop down list box to enable MAC address filtering.
Filter Action Define the filter action for the list of MAC addresses in the MAC Address table.
Select Deny Association to block access to the ZyAIR, MAC addresses not listed will be
allowed to access the ZyAIR
Select Allow Association to permit access to the ZyAIR, MAC addresses not listed will be
denied access to the ZyAIR.
allowed to access the ZyAIR
Select Allow Association to permit access to the ZyAIR, MAC addresses not listed will be
denied access to the ZyAIR.
Set
This is the index number of the MAC address.
MAC
Address
Address
Enter the MAC addresses (in XX:XX:XX:XX:XX:XX format) of the wireless station that are
allowed or denied access to the ZyAIR in these address fields.
allowed or denied access to the ZyAIR in these address fields.
Apply
Click Apply to save your changes back to the ZyAIR.
Reset
Click Reset to reload the previous configuration for this screen.
7.5 802.1x
Overview
The IEEE 802.1x standard outlines enhanced security methods for both the authentication of wireless stations
and encryption key management. Authentication can be done using the local user database internal to the
ZyAIR (authenticate up to 32 users) or an external RADIUS server for an unlimited number of users.
and encryption key management. Authentication can be done using the local user database internal to the
ZyAIR (authenticate up to 32 users) or an external RADIUS server for an unlimited number of users.
7.6 Dynamic WEP Key Exchange
The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless
connection times out, disconnects or reauthentication times out. A new WEP key is generated each time
reauthentication is performed.
If this feature is enabled, it is not necessary to configure a default encryption key in the Wireless screen. You
may still configure and store keys here, but they will not be used while Dynamic WEP is enabled.
To use Dynamic WEP, enable and configure the RADIUS server (see section 7.15) and enable Dynamic
WEP Key Exchange in the 802.1x screen. Ensure that the wireless station’s EAP type is configured to one of
the following:
connection times out, disconnects or reauthentication times out. A new WEP key is generated each time
reauthentication is performed.
If this feature is enabled, it is not necessary to configure a default encryption key in the Wireless screen. You
may still configure and store keys here, but they will not be used while Dynamic WEP is enabled.
To use Dynamic WEP, enable and configure the RADIUS server (see section 7.15) and enable Dynamic
WEP Key Exchange in the 802.1x screen. Ensure that the wireless station’s EAP type is configured to one of
the following:
• EAP-TLS
• EAP-TTLS
• PEAP
• EAP-TTLS
• PEAP
EAP-MD5 cannot be used with Dynamic WEP Key Exchange.