ZyXEL Wireless Access Point G1000 91-005-124003B Manual De Usuario

G-1000 User’s Guide

Chapter 6 Wireless LAN

59

Wi-Fi Protected Access (WPA and WPA2) applies IEEE 801.2x and Extensible 
Authentication Protocol (EAP) to authenticate wireless clients using and external RADIUS 
database. WPA has better user authentication and improved data encryption than WEP, and 
WPA2 provides even better data encryption and user authentication than WPA. See the 
appendix for more information on WPA(2) user authentication and WPA encryption.

If the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for 
stronger data encryption. If you don’t have an external RADIUS server, you should use 
WPA2-PSK (WPA2-Pre-Shared Key). WPA2-PSK only requires a single (identical) password 
entered into each WLAN member. As long as the passwords match, a client will be granted 
access to a WLAN. 

If the wireless clients do not support WPA2, use WPA or WPA-PSK, depending on whether or 
not you have an additional RADIUS server. Use WEP only if the wireless clients do not 
support WPA(2).

Note: You can’t use the Local User Database for authentication when you select 

WPA(2).

A WPA-PSK (or WPA2-PSK) application looks as follows.

1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key 

(PSK) must be between 8 and 63 printable characters (including spaces; alphabetic 
characters are case-sensitive).

2 The AP checks each client’s password and (only) allows it to join the network if the 

password matches.

3 The AP derives and distributes keys to the wireless clients.

4 The AP and wireless clients use the TKIP or AES encryption process to encrypt data 

exchanged between them.