Руководство Пользователя для ZyXEL g-2000 plusv2
ZyXEL G-2000 Plus v2 User’s Guide
414
RADIUS Server Authentication Sequence
The following figure depicts a typical wireless network with a remote RADIUS server for user
authentication using EAPOL (EAP Over LAN).
authentication using EAPOL (EAP Over LAN).
Figure 231 Sequences for EAP MD5–Challenge Authentication
Mutual Authentication with Internal RADIUS server.
Microsofts Challenge-Handshake Authentication Protocol (MS-CHAP V2) is used to
periodically verify the identity of the peer (station or other AP) using a three-way handshake.
periodically verify the identity of the peer (station or other AP) using a three-way handshake.
The following figure depicts a typical wireless network with a ZyXEL device RADIUS server
for user authentication using PEAP (Protected EAP) and MS-CHAP V2.
for user authentication using PEAP (Protected EAP) and MS-CHAP V2.
The ZyXEL device authenticates in two phases when it is acting as a RADIUS server:
WPA
TKIP/AES
No
Enable
WPA-PSK
TKIP/AES
Yes
Disable
WPA2
TKIP/AES
No
Enable
WPA2-PSK
TKIP/AES
Yes
Disable
Table 157 Wireless Security Relational Matrix (continued)
AUTHENTICATION
METHOD/ KEY
MANAGEMENT PROTOCOL
METHOD/ KEY
MANAGEMENT PROTOCOL
ENCRYPTION
METHOD
METHOD
ENTER
MANUAL KEY
MANUAL KEY
IEEE 802.1X