ZyXEL NBG-416N Guia Do Utilizador

 Appendix D Wireless LANs

NBG-416N User’s Guide

A WPA(2)-PSK application looks as follows.

First enter identical passwords into the AP and all wireless clients. The Pre-Shared 
Key (PSK) must consist of between 8 and 63 ASCII characters (including spaces 
and symbols).

The AP checks each wireless client's password and (only) allows it to join the 
network if the password matches.

The AP derives and distributes keys to the wireless clients.

The AP and wireless clients use the TKIP or AES encryption process to encrypt 
data exchanged between them.

Figure 133   WPA(2)-PSK Authentication

You need the IP address of the RADIUS server, its port number (default is 1812), 
and the RADIUS shared secret. A WPA(2) application example with an external 
RADIUS server looks as follows. "A" is the RADIUS server. "DS" is the distribution 
system.

The AP passes the wireless client's authentication request to the RADIUS server.

The RADIUS server then checks the user's identification against its database and 
grants or denies network access accordingly.

The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that 
then sets up a key hierarchy and management system, using the pair-wise key to 
dynamically generate unique data encryption keys to encrypt every data packet 
that is wirelessly communicated between the AP and the wireless clients.