Справочник Пользователя для ZyXEL Communications NWA3160
Chapter 9 Wireless Security Configuration
ZyXEL NWA-3160 Series User’s Guide
124
3 The AP derives and distributes key information to the wireless clients. The key itself is
not sent over the network, but is derived from the PSK and information exchanged
between the AP and the client.
between the AP and the client.
4 The AP and wireless clients use the TKIP or AES encryption process to encrypt data
exchanged between them.
Figure 72 WPA(2)-PSK Authentication
9.5 WPA(2) with External RADIUS Application Example
You need the IP address of the RADIUS server, its port number (default is 1812), and the
RADIUS shared secret. A WPA(2) application example with an external RADIUS server
looks as follows. “A” is the RADIUS server. “DS” is the distribution system.
RADIUS shared secret. A WPA(2) application example with an external RADIUS server
looks as follows. “A” is the RADIUS server. “DS” is the distribution system.
1 The AP passes the wireless client’s authentication request to the RADIUS server.
2 The RADIUS server then checks the user's identification against its database and grants
2 The RADIUS server then checks the user's identification against its database and grants
or denies network access accordingly.
3 The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then
sets up a key hierarchy and management system, using the pair-wise key to dynamically
generate unique data encryption keys to encrypt every data packet that is wirelessly
communicated between the AP and the wireless clients.
generate unique data encryption keys to encrypt every data packet that is wirelessly
communicated between the AP and the wireless clients.